Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-27654 (GCVE-0-2026-27654)
Vulnerability from cvelistv5 – Published: 2026-03-24 14:13 – Updated: 2026-03-24 15:15
VLAI?
EPSS
Title
NGINX ngx_http_dav_module vulnerability
Summary
NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_dav_module module that might allow an attacker to trigger a buffer overflow to the NGINX worker process; this vulnerability may result in termination of the NGINX worker process or modification of source or destination file names outside the document root. This issue affects NGINX Open Source and NGINX Plus when the configuration file uses DAV module MOVE or COPY methods, prefix location (nonregular expression location configuration), and alias directives. The integrity impact is constrained because the NGINX worker process user has low privileges and does not have access to the entire system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Severity ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| F5 | NGINX Open Source |
Affected:
1.29.0 , < 1.29.7
(semver)
Affected: 0.5.13 , < 1.28.3 (semver) |
|||||||
|
|||||||||
Date Public ?
2026-03-24 14:00
Credits
F5 acknowledges Calif.io in collaboration with Claude and Anthropic Research for bringing this issue to our attention and following the highest standards of coordinated disclosure.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-27654",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-24T15:14:50.235649Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-24T15:15:00.495Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"ngx_http_dav_module"
],
"product": "NGINX Open Source",
"vendor": "F5",
"versions": [
{
"lessThan": "1.29.7",
"status": "affected",
"version": "1.29.0",
"versionType": "semver"
},
{
"lessThan": "1.28.3",
"status": "affected",
"version": "0.5.13",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unknown",
"modules": [
"ngx_http_dav_module"
],
"product": "NGINX Plus",
"vendor": "F5",
"versions": [
{
"lessThan": "R36 P3",
"status": "affected",
"version": "R36",
"versionType": "custom"
},
{
"lessThan": "R35 P2",
"status": "affected",
"version": "R35",
"versionType": "custom"
},
{
"lessThan": "*",
"status": "affected",
"version": "R34",
"versionType": "custom"
},
{
"lessThan": "*",
"status": "affected",
"version": "R33",
"versionType": "custom"
},
{
"lessThan": "R32 P5",
"status": "affected",
"version": "R32",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "F5 acknowledges Calif.io in collaboration with Claude and Anthropic Research for bringing this issue to our attention and following the highest standards of coordinated disclosure."
}
],
"datePublic": "2026-03-24T14:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_dav_module module that might allow an attacker to trigger a buffer overflow to the NGINX worker process; this vulnerability may result in termination of the NGINX worker process or modification of source or destination file names outside the document root. This issue affects NGINX Open Source and NGINX Plus when the configuration file uses DAV module MOVE or COPY methods, prefix location (nonregular expression location configuration), and alias directives. The integrity impact is constrained because the NGINX worker process user has low privileges and does not have access to the entire system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
}
],
"value": "NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_dav_module module that might allow an attacker to trigger a buffer overflow to the NGINX worker process; this vulnerability may result in termination of the NGINX worker process or modification of source or destination file names outside the document root. This issue affects NGINX Open Source and NGINX Plus when the configuration file uses DAV module MOVE or COPY methods, prefix location (nonregular expression location configuration), and alias directives. The integrity impact is constrained because the NGINX worker process user has low privileges and does not have access to the entire system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-24T14:32:07.177Z",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://my.f5.com/manage/s/article/K000160382"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "NGINX ngx_http_dav_module vulnerability",
"x_generator": {
"engine": "F5 SIRTBot v1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2026-27654",
"datePublished": "2026-03-24T14:13:26.879Z",
"dateReserved": "2026-03-18T16:06:38.448Z",
"dateUpdated": "2026-03-24T15:15:00.495Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2026-27654\",\"sourceIdentifier\":\"f5sirt@f5.com\",\"published\":\"2026-03-24T15:16:33.130\",\"lastModified\":\"2026-03-26T21:16:16.737\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_dav_module module that might allow an attacker to trigger a buffer overflow to the NGINX worker process; this vulnerability may result in termination of the NGINX worker process or modification of source or destination file names outside the document root. This issue affects NGINX Open Source and NGINX Plus when the configuration file uses DAV module MOVE or COPY methods, prefix location (nonregular expression location configuration), and alias directives. The integrity impact is constrained because the NGINX worker process user has low privileges and does not have access to the entire system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\"},{\"lang\":\"es\",\"value\":\"NGINX Open Source y NGINX Plus tienen una vulnerabilidad en el m\u00f3dulo ngx_http_dav_module que podr\u00eda permitir a un atacante desencadenar un desbordamiento de b\u00fafer en el proceso de trabajador de NGINX; esta vulnerabilidad puede resultar en la terminaci\u00f3n del proceso de trabajador de NGINX o la modificaci\u00f3n de nombres de archivos de origen o destino fuera del directorio ra\u00edz de documentos. Este problema afecta a NGINX Open Source y NGINX Plus cuando el archivo de configuraci\u00f3n utiliza los m\u00e9todos MOVE o COPY del m\u00f3dulo DAV, ubicaci\u00f3n de prefijo (configuraci\u00f3n de ubicaci\u00f3n sin expresi\u00f3n regular) y directivas alias. El impacto en la integridad est\u00e1 restringido porque el usuario del proceso de trabajador de NGINX tiene privilegios bajos y no tiene acceso a todo el sistema. Nota: Las versiones de software que han alcanzado el Fin del Soporte T\u00e9cnico (EoTS) no son evaluadas.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"f5sirt@f5.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"LOW\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"f5sirt@f5.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H\",\"baseScore\":8.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":4.2}]},\"weaknesses\":[{\"source\":\"f5sirt@f5.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-122\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_plus:r32:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA913184-EAAD-409E-99C6-AB979DAA93F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_plus:r32:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"782DF180-1101-4D6A-A1D7-8DADBAF6D9D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_plus:r32:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB0B11F2-4748-492B-9906-F8C4C5EAFF12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_plus:r32:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"86B53968-1CCA-4CF3-8454-BB92EF64D10E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_plus:r33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F58BD02-EA76-4F32-87D6-430026C8553E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_plus:r33:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"46DC49B8-7286-4867-9CDA-1C1B469CD304\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_plus:r33:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"43477C2E-7485-4146-B25C-F58D632CD85B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_plus:r33:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A25B9CF-02C0-42DE-9C70-F2AD3ACE3CEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_plus:r34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86358605-55F9-4F6F-846A-3F48738F6E05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_plus:r34:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7453D683-FCA7-46EE-BE49-5FD9A01D7F87\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_plus:r34:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A977BF9F-D165-4B93-B4D2-A177883A5E75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_plus:r35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C643CEF2-F421-4E2C-AD39-51CE820F2238\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_plus:r35:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4958360C-7993-4C82-8685-202D4940CE01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_plus:r36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"942CA349-3FF8-4B9D-B87E-FBA8930CE913\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_plus:r36:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7993A0FB-BE7E-4634-BF7F-FDEE3582D3E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_plus:r36:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"862EA47E-8D57-434E-9C8F-238325FB85B2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_open_source:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"0.5.13\",\"versionEndIncluding\":\"0.9.7\",\"matchCriteriaId\":\"BABB440C-6106-42C6-8E67-101182F26C86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_open_source:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.0.0\",\"versionEndExcluding\":\"1.28.3\",\"matchCriteriaId\":\"0E8049B1-4C36-4711-BB99-2721CF67FF81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_open_source:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.29.0\",\"versionEndExcluding\":\"1.29.7\",\"matchCriteriaId\":\"C0EFE28B-E8E5-464E-B407-96436CA87C8E\"}]}]}],\"references\":[{\"url\":\"https://my.f5.com/manage/s/article/K000160382\",\"source\":\"f5sirt@f5.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-27654\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-24T15:14:50.235649Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-24T15:14:56.334Z\"}}], \"cna\": {\"title\": \"NGINX ngx_http_dav_module vulnerability\", \"source\": {\"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"F5 acknowledges Calif.io in collaboration with Claude and Anthropic Research for bringing this issue to our attention and following the highest standards of coordinated disclosure.\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.2, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}, {\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 8.8, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"LOW\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"NONE\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"F5\", \"modules\": [\"ngx_http_dav_module\"], \"product\": \"NGINX Open Source\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.29.0\", \"lessThan\": \"1.29.7\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"0.5.13\", \"lessThan\": \"1.28.3\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"F5\", \"modules\": [\"ngx_http_dav_module\"], \"product\": \"NGINX Plus\", \"versions\": [{\"status\": \"affected\", \"version\": \"R36\", \"lessThan\": \"R36 P3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"R35\", \"lessThan\": \"R35 P2\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"R34\", \"lessThan\": \"*\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"R33\", \"lessThan\": \"*\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"R32\", \"lessThan\": \"R32 P5\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"datePublic\": \"2026-03-24T14:00:00.000Z\", \"references\": [{\"url\": \"https://my.f5.com/manage/s/article/K000160382\", \"tags\": [\"vendor-advisory\"]}], \"x_generator\": {\"engine\": \"F5 SIRTBot v1.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_dav_module module that might allow an attacker to trigger a buffer overflow to the NGINX worker process; this vulnerability may result in termination of the NGINX worker process or modification of source or destination file names outside the document root. This issue affects NGINX Open Source and NGINX Plus when the configuration file uses DAV module MOVE or COPY methods, prefix location (nonregular expression location configuration), and alias directives. The integrity impact is constrained because the NGINX worker process user has low privileges and does not have access to the entire system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_dav_module module that might allow an attacker to trigger a buffer overflow to the NGINX worker process; this vulnerability may result in termination of the NGINX worker process or modification of source or destination file names outside the document root. This issue affects NGINX Open Source and NGINX Plus when the configuration file uses DAV module MOVE or COPY methods, prefix location (nonregular expression location configuration), and alias directives. The integrity impact is constrained because the NGINX worker process user has low privileges and does not have access to the entire system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-122\", \"description\": \"CWE-122: Heap-based Buffer Overflow\"}]}], \"providerMetadata\": {\"orgId\": \"9dacffd4-cb11-413f-8451-fbbfd4ddc0ab\", \"shortName\": \"f5\", \"dateUpdated\": \"2026-03-24T14:32:07.177Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-27654\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-03-24T15:15:00.495Z\", \"dateReserved\": \"2026-03-18T16:06:38.448Z\", \"assignerOrgId\": \"9dacffd4-cb11-413f-8451-fbbfd4ddc0ab\", \"datePublished\": \"2026-03-24T14:13:26.879Z\", \"assignerShortName\": \"f5\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
OPENSUSE-SU-2026:10423-1
Vulnerability from csaf_opensuse - Published: 2026-03-25 00:00 - Updated: 2026-03-25 00:00Summary
nginx-1.29.7-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: nginx-1.29.7-1.1 on GA media
Description of the patch: These are all security issues fixed in the nginx-1.29.7-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2026-10423
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.2 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.4 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "nginx-1.29.7-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the nginx-1.29.7-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-10423",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_10423-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27651 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27651/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27654 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27654/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27784 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27784/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-28753 page",
"url": "https://www.suse.com/security/cve/CVE-2026-28753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-28755 page",
"url": "https://www.suse.com/security/cve/CVE-2026-28755/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32647 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32647/"
}
],
"title": "nginx-1.29.7-1.1 on GA media",
"tracking": {
"current_release_date": "2026-03-25T00:00:00Z",
"generator": {
"date": "2026-03-25T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:10423-1",
"initial_release_date": "2026-03-25T00:00:00Z",
"revision_history": [
{
"date": "2026-03-25T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "nginx-1.29.7-1.1.aarch64",
"product": {
"name": "nginx-1.29.7-1.1.aarch64",
"product_id": "nginx-1.29.7-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "nginx-source-1.29.7-1.1.aarch64",
"product": {
"name": "nginx-source-1.29.7-1.1.aarch64",
"product_id": "nginx-source-1.29.7-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-1.29.7-1.1.ppc64le",
"product": {
"name": "nginx-1.29.7-1.1.ppc64le",
"product_id": "nginx-1.29.7-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "nginx-source-1.29.7-1.1.ppc64le",
"product": {
"name": "nginx-source-1.29.7-1.1.ppc64le",
"product_id": "nginx-source-1.29.7-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-1.29.7-1.1.s390x",
"product": {
"name": "nginx-1.29.7-1.1.s390x",
"product_id": "nginx-1.29.7-1.1.s390x"
}
},
{
"category": "product_version",
"name": "nginx-source-1.29.7-1.1.s390x",
"product": {
"name": "nginx-source-1.29.7-1.1.s390x",
"product_id": "nginx-source-1.29.7-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-1.29.7-1.1.x86_64",
"product": {
"name": "nginx-1.29.7-1.1.x86_64",
"product_id": "nginx-1.29.7-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "nginx-source-1.29.7-1.1.x86_64",
"product": {
"name": "nginx-source-1.29.7-1.1.x86_64",
"product_id": "nginx-source-1.29.7-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.29.7-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nginx-1.29.7-1.1.aarch64"
},
"product_reference": "nginx-1.29.7-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.29.7-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nginx-1.29.7-1.1.ppc64le"
},
"product_reference": "nginx-1.29.7-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.29.7-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nginx-1.29.7-1.1.s390x"
},
"product_reference": "nginx-1.29.7-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1.29.7-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nginx-1.29.7-1.1.x86_64"
},
"product_reference": "nginx-1.29.7-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-source-1.29.7-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nginx-source-1.29.7-1.1.aarch64"
},
"product_reference": "nginx-source-1.29.7-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-source-1.29.7-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nginx-source-1.29.7-1.1.ppc64le"
},
"product_reference": "nginx-source-1.29.7-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-source-1.29.7-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nginx-source-1.29.7-1.1.s390x"
},
"product_reference": "nginx-source-1.29.7-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-source-1.29.7-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nginx-source-1.29.7-1.1.x86_64"
},
"product_reference": "nginx-source-1.29.7-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-27651",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27651"
}
],
"notes": [
{
"category": "general",
"text": "When the ngx_mail_auth_http_module module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can cause worker processes to terminate. This issue may occur when (1) CRAM-MD5 or APOP authentication is enabled, and (2) the authentication server permits retry by returning the Auth-Wait response header. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:nginx-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.x86_64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27651",
"url": "https://www.suse.com/security/cve/CVE-2026-27651"
},
{
"category": "external",
"summary": "SUSE Bug 1260415 for CVE-2026-27651",
"url": "https://bugzilla.suse.com/1260415"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:nginx-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.x86_64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:nginx-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.x86_64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-27651"
},
{
"cve": "CVE-2026-27654",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27654"
}
],
"notes": [
{
"category": "general",
"text": "NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_dav_module module that might allow an attacker to trigger a buffer overflow to the NGINX worker process; this vulnerability may result in termination of the NGINX worker process or modification of source or destination file names outside the document root. This issue affects NGINX Open Source and NGINX Plus when the configuration file uses DAV module MOVE or COPY methods, prefix location (nonregular expression location configuration), and alias directives. The integrity impact is constrained because the NGINX worker process user has low privileges and does not have access to the entire system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:nginx-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.x86_64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27654",
"url": "https://www.suse.com/security/cve/CVE-2026-27654"
},
{
"category": "external",
"summary": "SUSE Bug 1260416 for CVE-2026-27654",
"url": "https://bugzilla.suse.com/1260416"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:nginx-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.x86_64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:nginx-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.x86_64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-27654"
},
{
"cve": "CVE-2026-27784",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27784"
}
],
"notes": [
{
"category": "general",
"text": "The 32-bit implementation of NGINX Open Source has a vulnerability in the ngx_http_mp4_module module, which might allow an attacker to over-read or over-write NGINX worker memory resulting in its termination, using a specially crafted MP4 file. The issue only affects 32-bit NGINX Open Source if it is built with the ngx_http_mp4_module module and the mp4 directive is used in the configuration file. Additionally, the attack is possible only if an attacker can trigger the processing of a specially crafted MP4 file with the ngx_http_mp4_module module. \n\n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:nginx-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.x86_64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27784",
"url": "https://www.suse.com/security/cve/CVE-2026-27784"
},
{
"category": "external",
"summary": "SUSE Bug 1260417 for CVE-2026-27784",
"url": "https://bugzilla.suse.com/1260417"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:nginx-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.x86_64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:nginx-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.x86_64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-27784"
},
{
"cve": "CVE-2026-28753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-28753"
}
],
"notes": [
{
"category": "general",
"text": "NGINX Plus and NGINX Open Source have a vulnerability in the ngx_mail_smtp_module module due to the improper handling of CRLF sequences in DNS responses. This allows an attacker-controlled DNS server to inject arbitrary headers into SMTP upstream requests, leading to potential request manipulation. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:nginx-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.x86_64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-28753",
"url": "https://www.suse.com/security/cve/CVE-2026-28753"
},
{
"category": "external",
"summary": "SUSE Bug 1260418 for CVE-2026-28753",
"url": "https://bugzilla.suse.com/1260418"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:nginx-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.x86_64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:nginx-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.x86_64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2026-28753"
},
{
"cve": "CVE-2026-28755",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-28755"
}
],
"notes": [
{
"category": "general",
"text": "NGINX Plus and NGINX Open Source have a vulnerability in the ngx_stream_ssl_module module due to the improper handling of revoked certificates when configured with the ssl_verify_client on and ssl_ocsp on directives, allowing the TLS handshake to succeed even after an OCSP check identifies the certificate as revoked. \n\n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:nginx-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.x86_64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-28755",
"url": "https://www.suse.com/security/cve/CVE-2026-28755"
},
{
"category": "external",
"summary": "SUSE Bug 1260419 for CVE-2026-28755",
"url": "https://bugzilla.suse.com/1260419"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:nginx-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.x86_64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:nginx-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.x86_64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-28755"
},
{
"cve": "CVE-2026-32647",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32647"
}
],
"notes": [
{
"category": "general",
"text": "NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module module, which might allow an attacker to trigger a buffer over-read or over-write to the NGINX worker memory resulting in its termination or possibly code execution, using a specially crafted MP4 file. This issue affects NGINX Open Source and NGINX Plus if it is built with the ngx_http_mp4_module module and the mp4 directive is used in the configuration file. Additionally, the attack is possible only if an attacker can trigger the processing of a specially crafted MP4 file with the ngx_http_mp4_module module. \n\n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:nginx-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.x86_64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32647",
"url": "https://www.suse.com/security/cve/CVE-2026-32647"
},
{
"category": "external",
"summary": "SUSE Bug 1260420 for CVE-2026-32647",
"url": "https://bugzilla.suse.com/1260420"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:nginx-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.x86_64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:nginx-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-1.29.7-1.1.x86_64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.aarch64",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.ppc64le",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.s390x",
"openSUSE Tumbleweed:nginx-source-1.29.7-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-32647"
}
]
}
RHSA-2026:6906
Vulnerability from csaf_redhat - Published: 2026-04-07 18:43 - Updated: 2026-04-10 01:26Summary
Red Hat Security Advisory: nginx security update
Severity
Important
Notes
Topic: An update for nginx is now available for Red Hat Enterprise Linux 10.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage.
Security Fix(es):
* nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files (CVE-2026-32647)
* NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module (CVE-2026-27654)
* NGINX: NGINX: Denial of Service due to memory corruption via crafted MP4 file (CVE-2026-27784)
* NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled (CVE-2026-27651)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in NGINX, specifically within the ngx_mail_auth_http_module. When this module is enabled, and CRAM-MD5 or APOP authentication is active with an authentication server that permits retries, undisclosed requests can cause NGINX worker processes to terminate. This can lead to a Denial of Service (DoS), making the affected NGINX instance unavailable to legitimate users.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6906
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in NGINX. A remote attacker can exploit a buffer overflow vulnerability within the ngx_http_dav_module module. This occurs when the NGINX configuration uses DAV module MOVE or COPY methods in conjunction with prefix location and alias directives. Successful exploitation may lead to the termination of the NGINX worker process, resulting in a Denial of Service (DoS), or allow for the modification of source or destination file names outside the intended document root.
8.2 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6906
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in NGINX Open Source, specifically within the ngx_http_mp4_module. An attacker can exploit this memory corruption vulnerability by providing a specially crafted MP4 file. This can lead to an over-read or over-write of NGINX worker memory, causing the worker to terminate and resulting in a Denial of Service (DoS). This issue affects 32-bit NGINX Open Source when built with the ngx_http_mp4_module and the mp4 directive is used.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6906
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in NGINX's ngx_http_mp4_module. This Out-of-Bounds Read/Write vulnerability occurs due to improper handling of specially crafted MP4 files. A local authenticated attacker, by supplying a malicious MP4 file, can trigger a buffer over-read or overwrite in worker memory. This can lead to process termination, potentially causing a denial-of-service or, under certain conditions, achieving code execution.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6906
Workaround
To mitigate this issue, disable the ngx_http_mp4_module in your NGINX configuration if MP4 file processing is not required. This can be done by commenting out or removing the mp4 directive from the NGINX configuration file. After modifying the configuration, a reload or restart of the NGINX service is required for the changes to take effect.
Alternatively, restrict access to the NGINX server to trusted networks and users to prevent the upload and processing of malicious MP4 files.
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Acknowledgments
Aisle Research
Pavel Kohout
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for nginx is now available for Red Hat Enterprise Linux 10.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. \n\nSecurity Fix(es):\n\n* nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files (CVE-2026-32647)\n\n* NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module (CVE-2026-27654)\n\n* NGINX: NGINX: Denial of Service due to memory corruption via crafted MP4 file (CVE-2026-27784)\n\n* NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled (CVE-2026-27651)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:6906",
"url": "https://access.redhat.com/errata/RHSA-2026:6906"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2449598",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449598"
},
{
"category": "external",
"summary": "2450776",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450776"
},
{
"category": "external",
"summary": "2450785",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450785"
},
{
"category": "external",
"summary": "2450791",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450791"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_6906.json"
}
],
"title": "Red Hat Security Advisory: nginx security update",
"tracking": {
"current_release_date": "2026-04-10T01:26:15+00:00",
"generator": {
"date": "2026-04-10T01:26:15+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHSA-2026:6906",
"initial_release_date": "2026-04-07T18:43:59+00:00",
"revision_history": [
{
"date": "2026-04-07T18:43:59+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-07T18:43:59+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-10T01:26:15+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10.1"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product": {
"name": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10.1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-2:1.26.3-2.el10_1.1.src",
"product": {
"name": "nginx-2:1.26.3-2.el10_1.1.src",
"product_id": "nginx-2:1.26.3-2.el10_1.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.26.3-2.el10_1.1?arch=src\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-2:1.26.3-2.el10_1.1.aarch64",
"product": {
"name": "nginx-2:1.26.3-2.el10_1.1.aarch64",
"product_id": "nginx-2:1.26.3-2.el10_1.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.26.3-2.el10_1.1?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"product": {
"name": "nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"product_id": "nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core@1.26.3-2.el10_1.1?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"product": {
"name": "nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"product_id": "nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter@1.26.3-2.el10_1.1?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"product": {
"name": "nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"product_id": "nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl@1.26.3-2.el10_1.1?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"product": {
"name": "nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"product_id": "nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter@1.26.3-2.el10_1.1?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"product": {
"name": "nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"product_id": "nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail@1.26.3-2.el10_1.1?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"product": {
"name": "nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"product_id": "nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream@1.26.3-2.el10_1.1?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"product": {
"name": "nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"product_id": "nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debugsource@1.26.3-2.el10_1.1?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"product": {
"name": "nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"product_id": "nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core-debuginfo@1.26.3-2.el10_1.1?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"product": {
"name": "nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"product_id": "nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debuginfo@1.26.3-2.el10_1.1?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"product": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"product_id": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter-debuginfo@1.26.3-2.el10_1.1?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"product": {
"name": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"product_id": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl-debuginfo@1.26.3-2.el10_1.1?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"product": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"product_id": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter-debuginfo@1.26.3-2.el10_1.1?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"product": {
"name": "nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"product_id": "nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail-debuginfo@1.26.3-2.el10_1.1?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"product": {
"name": "nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"product_id": "nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream-debuginfo@1.26.3-2.el10_1.1?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"product": {
"name": "nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"product_id": "nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-devel@1.26.3-2.el10_1.1?arch=aarch64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-2:1.26.3-2.el10_1.1.ppc64le",
"product": {
"name": "nginx-2:1.26.3-2.el10_1.1.ppc64le",
"product_id": "nginx-2:1.26.3-2.el10_1.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.26.3-2.el10_1.1?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"product": {
"name": "nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"product_id": "nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core@1.26.3-2.el10_1.1?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"product": {
"name": "nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"product_id": "nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter@1.26.3-2.el10_1.1?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"product": {
"name": "nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"product_id": "nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl@1.26.3-2.el10_1.1?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"product": {
"name": "nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"product_id": "nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter@1.26.3-2.el10_1.1?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"product": {
"name": "nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"product_id": "nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail@1.26.3-2.el10_1.1?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"product": {
"name": "nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"product_id": "nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream@1.26.3-2.el10_1.1?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"product": {
"name": "nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"product_id": "nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debugsource@1.26.3-2.el10_1.1?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"product": {
"name": "nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"product_id": "nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core-debuginfo@1.26.3-2.el10_1.1?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"product": {
"name": "nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"product_id": "nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debuginfo@1.26.3-2.el10_1.1?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"product": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"product_id": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter-debuginfo@1.26.3-2.el10_1.1?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"product": {
"name": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"product_id": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl-debuginfo@1.26.3-2.el10_1.1?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"product": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"product_id": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter-debuginfo@1.26.3-2.el10_1.1?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"product": {
"name": "nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"product_id": "nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail-debuginfo@1.26.3-2.el10_1.1?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"product": {
"name": "nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"product_id": "nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream-debuginfo@1.26.3-2.el10_1.1?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"product": {
"name": "nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"product_id": "nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-devel@1.26.3-2.el10_1.1?arch=ppc64le\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-2:1.26.3-2.el10_1.1.s390x",
"product": {
"name": "nginx-2:1.26.3-2.el10_1.1.s390x",
"product_id": "nginx-2:1.26.3-2.el10_1.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.26.3-2.el10_1.1?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-core-2:1.26.3-2.el10_1.1.s390x",
"product": {
"name": "nginx-core-2:1.26.3-2.el10_1.1.s390x",
"product_id": "nginx-core-2:1.26.3-2.el10_1.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core@1.26.3-2.el10_1.1?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"product": {
"name": "nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"product_id": "nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter@1.26.3-2.el10_1.1?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"product": {
"name": "nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"product_id": "nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl@1.26.3-2.el10_1.1?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"product": {
"name": "nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"product_id": "nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter@1.26.3-2.el10_1.1?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"product": {
"name": "nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"product_id": "nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail@1.26.3-2.el10_1.1?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"product": {
"name": "nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"product_id": "nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream@1.26.3-2.el10_1.1?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"product": {
"name": "nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"product_id": "nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debugsource@1.26.3-2.el10_1.1?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"product": {
"name": "nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"product_id": "nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core-debuginfo@1.26.3-2.el10_1.1?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"product": {
"name": "nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"product_id": "nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debuginfo@1.26.3-2.el10_1.1?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"product": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"product_id": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter-debuginfo@1.26.3-2.el10_1.1?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"product": {
"name": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"product_id": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl-debuginfo@1.26.3-2.el10_1.1?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"product": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"product_id": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter-debuginfo@1.26.3-2.el10_1.1?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"product": {
"name": "nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"product_id": "nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail-debuginfo@1.26.3-2.el10_1.1?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"product": {
"name": "nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"product_id": "nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream-debuginfo@1.26.3-2.el10_1.1?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"product": {
"name": "nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"product_id": "nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-devel@1.26.3-2.el10_1.1?arch=s390x\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-2:1.26.3-2.el10_1.1.x86_64",
"product": {
"name": "nginx-2:1.26.3-2.el10_1.1.x86_64",
"product_id": "nginx-2:1.26.3-2.el10_1.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.26.3-2.el10_1.1?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-core-2:1.26.3-2.el10_1.1.x86_64",
"product": {
"name": "nginx-core-2:1.26.3-2.el10_1.1.x86_64",
"product_id": "nginx-core-2:1.26.3-2.el10_1.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core@1.26.3-2.el10_1.1?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"product": {
"name": "nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"product_id": "nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter@1.26.3-2.el10_1.1?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"product": {
"name": "nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"product_id": "nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl@1.26.3-2.el10_1.1?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"product": {
"name": "nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"product_id": "nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter@1.26.3-2.el10_1.1?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64",
"product": {
"name": "nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64",
"product_id": "nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail@1.26.3-2.el10_1.1?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"product": {
"name": "nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"product_id": "nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream@1.26.3-2.el10_1.1?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"product": {
"name": "nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"product_id": "nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debugsource@1.26.3-2.el10_1.1?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"product": {
"name": "nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"product_id": "nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core-debuginfo@1.26.3-2.el10_1.1?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"product": {
"name": "nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"product_id": "nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debuginfo@1.26.3-2.el10_1.1?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"product": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"product_id": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter-debuginfo@1.26.3-2.el10_1.1?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"product": {
"name": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"product_id": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl-debuginfo@1.26.3-2.el10_1.1?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"product": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"product_id": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter-debuginfo@1.26.3-2.el10_1.1?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"product": {
"name": "nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"product_id": "nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail-debuginfo@1.26.3-2.el10_1.1?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"product": {
"name": "nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"product_id": "nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream-debuginfo@1.26.3-2.el10_1.1?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"product": {
"name": "nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"product_id": "nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-devel@1.26.3-2.el10_1.1?arch=x86_64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"product": {
"name": "nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"product_id": "nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-all-modules@1.26.3-2.el10_1.1?arch=noarch\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"product": {
"name": "nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"product_id": "nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-filesystem@1.26.3-2.el10_1.1?arch=noarch\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-2:1.26.3-2.el10_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.aarch64"
},
"product_reference": "nginx-2:1.26.3-2.el10_1.1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-2:1.26.3-2.el10_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.ppc64le"
},
"product_reference": "nginx-2:1.26.3-2.el10_1.1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-2:1.26.3-2.el10_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.s390x"
},
"product_reference": "nginx-2:1.26.3-2.el10_1.1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-2:1.26.3-2.el10_1.1.src as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.src"
},
"product_reference": "nginx-2:1.26.3-2.el10_1.1.src",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-2:1.26.3-2.el10_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.x86_64"
},
"product_reference": "nginx-2:1.26.3-2.el10_1.1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-all-modules-2:1.26.3-2.el10_1.1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-all-modules-2:1.26.3-2.el10_1.1.noarch"
},
"product_reference": "nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-2:1.26.3-2.el10_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.aarch64"
},
"product_reference": "nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-2:1.26.3-2.el10_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.ppc64le"
},
"product_reference": "nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-2:1.26.3-2.el10_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.s390x"
},
"product_reference": "nginx-core-2:1.26.3-2.el10_1.1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-2:1.26.3-2.el10_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.x86_64"
},
"product_reference": "nginx-core-2:1.26.3-2.el10_1.1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64"
},
"product_reference": "nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le"
},
"product_reference": "nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x"
},
"product_reference": "nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64"
},
"product_reference": "nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64"
},
"product_reference": "nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le"
},
"product_reference": "nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x"
},
"product_reference": "nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64"
},
"product_reference": "nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64"
},
"product_reference": "nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le"
},
"product_reference": "nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-2:1.26.3-2.el10_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.s390x"
},
"product_reference": "nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64"
},
"product_reference": "nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-filesystem-2:1.26.3-2.el10_1.1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-filesystem-2:1.26.3-2.el10_1.1.noarch"
},
"product_reference": "nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64"
},
"product_reference": "nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le"
},
"product_reference": "nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x"
},
"product_reference": "nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64"
},
"product_reference": "nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64"
},
"product_reference": "nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le"
},
"product_reference": "nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x"
},
"product_reference": "nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64"
},
"product_reference": "nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64"
},
"product_reference": "nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le"
},
"product_reference": "nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x"
},
"product_reference": "nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64"
},
"product_reference": "nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64"
},
"product_reference": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le"
},
"product_reference": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x"
},
"product_reference": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64"
},
"product_reference": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64"
},
"product_reference": "nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le"
},
"product_reference": "nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x"
},
"product_reference": "nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64"
},
"product_reference": "nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64"
},
"product_reference": "nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le"
},
"product_reference": "nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x"
},
"product_reference": "nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64"
},
"product_reference": "nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64"
},
"product_reference": "nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le"
},
"product_reference": "nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x"
},
"product_reference": "nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64"
},
"product_reference": "nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64"
},
"product_reference": "nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le"
},
"product_reference": "nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x"
},
"product_reference": "nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64"
},
"product_reference": "nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64"
},
"product_reference": "nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le"
},
"product_reference": "nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x"
},
"product_reference": "nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64"
},
"product_reference": "nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-2:1.26.3-2.el10_1.1.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.aarch64"
},
"product_reference": "nginx-2:1.26.3-2.el10_1.1.aarch64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-2:1.26.3-2.el10_1.1.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.ppc64le"
},
"product_reference": "nginx-2:1.26.3-2.el10_1.1.ppc64le",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-2:1.26.3-2.el10_1.1.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.s390x"
},
"product_reference": "nginx-2:1.26.3-2.el10_1.1.s390x",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-2:1.26.3-2.el10_1.1.src as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.src"
},
"product_reference": "nginx-2:1.26.3-2.el10_1.1.src",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-2:1.26.3-2.el10_1.1.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.x86_64"
},
"product_reference": "nginx-2:1.26.3-2.el10_1.1.x86_64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-all-modules-2:1.26.3-2.el10_1.1.noarch as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-all-modules-2:1.26.3-2.el10_1.1.noarch"
},
"product_reference": "nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-2:1.26.3-2.el10_1.1.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.aarch64"
},
"product_reference": "nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-2:1.26.3-2.el10_1.1.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.ppc64le"
},
"product_reference": "nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-2:1.26.3-2.el10_1.1.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.s390x"
},
"product_reference": "nginx-core-2:1.26.3-2.el10_1.1.s390x",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-2:1.26.3-2.el10_1.1.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.x86_64"
},
"product_reference": "nginx-core-2:1.26.3-2.el10_1.1.x86_64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64"
},
"product_reference": "nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le"
},
"product_reference": "nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x"
},
"product_reference": "nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64"
},
"product_reference": "nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64"
},
"product_reference": "nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le"
},
"product_reference": "nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x"
},
"product_reference": "nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64"
},
"product_reference": "nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64"
},
"product_reference": "nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le"
},
"product_reference": "nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-2:1.26.3-2.el10_1.1.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.s390x"
},
"product_reference": "nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64"
},
"product_reference": "nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-filesystem-2:1.26.3-2.el10_1.1.noarch as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-filesystem-2:1.26.3-2.el10_1.1.noarch"
},
"product_reference": "nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64"
},
"product_reference": "nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le"
},
"product_reference": "nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x"
},
"product_reference": "nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64"
},
"product_reference": "nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64"
},
"product_reference": "nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le"
},
"product_reference": "nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x"
},
"product_reference": "nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64"
},
"product_reference": "nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64"
},
"product_reference": "nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le"
},
"product_reference": "nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x"
},
"product_reference": "nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64"
},
"product_reference": "nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64"
},
"product_reference": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le"
},
"product_reference": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x"
},
"product_reference": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64"
},
"product_reference": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64"
},
"product_reference": "nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le"
},
"product_reference": "nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x"
},
"product_reference": "nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64"
},
"product_reference": "nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64"
},
"product_reference": "nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le"
},
"product_reference": "nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x"
},
"product_reference": "nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64"
},
"product_reference": "nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64"
},
"product_reference": "nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le"
},
"product_reference": "nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x"
},
"product_reference": "nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64"
},
"product_reference": "nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64"
},
"product_reference": "nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le"
},
"product_reference": "nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x"
},
"product_reference": "nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64"
},
"product_reference": "nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64"
},
"product_reference": "nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le"
},
"product_reference": "nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x"
},
"product_reference": "nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64"
},
"product_reference": "nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"relates_to_product_reference": "CRB-10.1.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-27651",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-03-24T15:02:32.414082+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2450791"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in NGINX, specifically within the ngx_mail_auth_http_module. When this module is enabled, and CRAM-MD5 or APOP authentication is active with an authentication server that permits retries, undisclosed requests can cause NGINX worker processes to terminate. This can lead to a Denial of Service (DoS), making the affected NGINX instance unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.src",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.src",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64"
],
"known_not_affected": [
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27651"
},
{
"category": "external",
"summary": "RHBZ#2450791",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450791"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27651",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27651"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27651",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27651"
},
{
"category": "external",
"summary": "https://my.f5.com/manage/s/article/K000160383",
"url": "https://my.f5.com/manage/s/article/K000160383"
}
],
"release_date": "2026-03-24T14:13:27.295000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T18:43:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.src",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.src",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6906"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.src",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.src",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.src",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.src",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled"
},
{
"cve": "CVE-2026-27654",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2026-03-24T15:01:19.814138+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2450776"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in NGINX. A remote attacker can exploit a buffer overflow vulnerability within the ngx_http_dav_module module. This occurs when the NGINX configuration uses DAV module MOVE or COPY methods in conjunction with prefix location and alias directives. Successful exploitation may lead to the termination of the NGINX worker process, resulting in a Denial of Service (DoS), or allow for the modification of source or destination file names outside the intended document root.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.src",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.src",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.x86_64"
],
"known_not_affected": [
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27654"
},
{
"category": "external",
"summary": "RHBZ#2450776",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450776"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27654",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27654"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27654",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27654"
},
{
"category": "external",
"summary": "https://my.f5.com/manage/s/article/K000160382",
"url": "https://my.f5.com/manage/s/article/K000160382"
}
],
"release_date": "2026-03-24T14:13:26.879000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T18:43:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.src",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.src",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6906"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.src",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.src",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.src",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.src",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module"
},
{
"cve": "CVE-2026-27784",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2026-03-24T15:02:07.092253+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2450785"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in NGINX Open Source, specifically within the ngx_http_mp4_module. An attacker can exploit this memory corruption vulnerability by providing a specially crafted MP4 file. This can lead to an over-read or over-write of NGINX worker memory, causing the worker to terminate and resulting in a Denial of Service (DoS). This issue affects 32-bit NGINX Open Source when built with the ngx_http_mp4_module and the mp4 directive is used.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "NGINX: NGINX: Denial of Service due to memory corruption via crafted MP4 file",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.src",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.src",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.x86_64"
],
"known_not_affected": [
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27784"
},
{
"category": "external",
"summary": "RHBZ#2450785",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450785"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27784",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27784"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27784",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27784"
},
{
"category": "external",
"summary": "https://my.f5.com/manage/s/article/K000160364",
"url": "https://my.f5.com/manage/s/article/K000160364"
}
],
"release_date": "2026-03-24T14:13:25.343000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T18:43:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.src",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.src",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6906"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.src",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.src",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.src",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.src",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "NGINX: NGINX: Denial of Service due to memory corruption via crafted MP4 file"
},
{
"acknowledgments": [
{
"names": [
"Pavel Kohout"
],
"organization": "Aisle Research"
}
],
"cve": "CVE-2026-32647",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2026-03-20T11:44:34.715000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449598"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in NGINX\u0027s ngx_http_mp4_module. This Out-of-Bounds Read/Write vulnerability occurs due to improper handling of specially crafted MP4 files. A local authenticated attacker, by supplying a malicious MP4 file, can trigger a buffer over-read or overwrite in worker memory. This can lead to process termination, potentially causing a denial-of-service or, under certain conditions, achieving code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This IMPORTANT vulnerability in the NGINX ngx_http_mp4_module is due to improper handling of specially crafted MP4 files. A local authenticated attacker could exploit this flaw by providing a malicious MP4 file, leading to a denial of service or potentially arbitrary code execution. Red Hat products utilizing NGINX with the ngx_http_mp4_module enabled are affected if untrusted MP4 files are processed.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.src",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.src",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.x86_64"
],
"known_not_affected": [
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32647"
},
{
"category": "external",
"summary": "RHBZ#2449598",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449598"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32647",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32647"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32647",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32647"
},
{
"category": "external",
"summary": "https://my.f5.com/manage/s/article/K000160366",
"url": "https://my.f5.com/manage/s/article/K000160366"
}
],
"release_date": "2026-03-24T18:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T18:43:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.src",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.src",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6906"
},
{
"category": "workaround",
"details": "To mitigate this issue, disable the ngx_http_mp4_module in your NGINX configuration if MP4 file processing is not required. This can be done by commenting out or removing the mp4 directive from the NGINX configuration file. After modifying the configuration, a reload or restart of the NGINX service is required for the changes to take effect.\n\nAlternatively, restrict access to the NGINX server to trusted networks and users to prevent the upload and processing of malicious MP4 files.",
"product_ids": [
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.src",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.src",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.src",
"AppStream-10.1.Z:nginx-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"AppStream-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.src",
"CRB-10.1.Z:nginx-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-all-modules-2:1.26.3-2.el10_1.1.noarch",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-core-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-core-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-debugsource-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-filesystem-2:1.26.3-2.el10_1.1.noarch",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-devel-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-image-filter-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-perl-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-perl-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-mail-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-mail-debuginfo-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-stream-2:1.26.3-2.el10_1.1.x86_64",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.aarch64",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.ppc64le",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.s390x",
"CRB-10.1.Z:nginx-mod-stream-debuginfo-2:1.26.3-2.el10_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files"
}
]
}
RHSA-2026:6907
Vulnerability from csaf_redhat - Published: 2026-04-07 20:50 - Updated: 2026-04-10 01:26Summary
Red Hat Security Advisory: nginx:1.24 security update
Severity
Important
Notes
Topic: An update for the nginx:1.24 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage.
Security Fix(es):
* nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files (CVE-2026-32647)
* NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module (CVE-2026-27654)
* NGINX: NGINX: Denial of Service due to memory corruption via crafted MP4 file (CVE-2026-27784)
* NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled (CVE-2026-27651)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in NGINX, specifically within the ngx_mail_auth_http_module. When this module is enabled, and CRAM-MD5 or APOP authentication is active with an authentication server that permits retries, undisclosed requests can cause NGINX worker processes to terminate. This can lead to a Denial of Service (DoS), making the affected NGINX instance unavailable to legitimate users.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6907
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in NGINX. A remote attacker can exploit a buffer overflow vulnerability within the ngx_http_dav_module module. This occurs when the NGINX configuration uses DAV module MOVE or COPY methods in conjunction with prefix location and alias directives. Successful exploitation may lead to the termination of the NGINX worker process, resulting in a Denial of Service (DoS), or allow for the modification of source or destination file names outside the intended document root.
8.2 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6907
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in NGINX Open Source, specifically within the ngx_http_mp4_module. An attacker can exploit this memory corruption vulnerability by providing a specially crafted MP4 file. This can lead to an over-read or over-write of NGINX worker memory, causing the worker to terminate and resulting in a Denial of Service (DoS). This issue affects 32-bit NGINX Open Source when built with the ngx_http_mp4_module and the mp4 directive is used.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6907
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in NGINX's ngx_http_mp4_module. This Out-of-Bounds Read/Write vulnerability occurs due to improper handling of specially crafted MP4 files. A local authenticated attacker, by supplying a malicious MP4 file, can trigger a buffer over-read or overwrite in worker memory. This can lead to process termination, potentially causing a denial-of-service or, under certain conditions, achieving code execution.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6907
Workaround
To mitigate this issue, disable the ngx_http_mp4_module in your NGINX configuration if MP4 file processing is not required. This can be done by commenting out or removing the mp4 directive from the NGINX configuration file. After modifying the configuration, a reload or restart of the NGINX service is required for the changes to take effect.
Alternatively, restrict access to the NGINX server to trusted networks and users to prevent the upload and processing of malicious MP4 files.
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Acknowledgments
Aisle Research
Pavel Kohout
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the nginx:1.24 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. \n\nSecurity Fix(es):\n\n* nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files (CVE-2026-32647)\n\n* NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module (CVE-2026-27654)\n\n* NGINX: NGINX: Denial of Service due to memory corruption via crafted MP4 file (CVE-2026-27784)\n\n* NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled (CVE-2026-27651)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:6907",
"url": "https://access.redhat.com/errata/RHSA-2026:6907"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2449598",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449598"
},
{
"category": "external",
"summary": "2450776",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450776"
},
{
"category": "external",
"summary": "2450785",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450785"
},
{
"category": "external",
"summary": "2450791",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450791"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_6907.json"
}
],
"title": "Red Hat Security Advisory: nginx:1.24 security update",
"tracking": {
"current_release_date": "2026-04-10T01:26:14+00:00",
"generator": {
"date": "2026-04-10T01:26:14+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHSA-2026:6907",
"initial_release_date": "2026-04-07T20:50:40+00:00",
"revision_history": [
{
"date": "2026-04-07T20:50:40+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-07T20:50:40+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-10T01:26:14+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.src::nginx:1.24",
"product": {
"name": "nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.src (nginx:1.24)",
"product_id": "nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.src::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=src\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-all-modules-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"product": {
"name": "nginx-all-modules-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch (nginx:1.24)",
"product_id": "nginx-all-modules-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-all-modules@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=noarch\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-filesystem-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"product": {
"name": "nginx-filesystem-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch (nginx:1.24)",
"product_id": "nginx-filesystem-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-filesystem@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=noarch\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"product": {
"name": "nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64 (nginx:1.24)",
"product_id": "nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=aarch64\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"product": {
"name": "nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64 (nginx:1.24)",
"product_id": "nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debuginfo@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=aarch64\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"product": {
"name": "nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64 (nginx:1.24)",
"product_id": "nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debugsource@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=aarch64\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"product": {
"name": "nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64 (nginx:1.24)",
"product_id": "nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-devel@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=aarch64\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"product": {
"name": "nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64 (nginx:1.24)",
"product_id": "nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=aarch64\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"product": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64 (nginx:1.24)",
"product_id": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter-debuginfo@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=aarch64\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"product": {
"name": "nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64 (nginx:1.24)",
"product_id": "nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=aarch64\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"product": {
"name": "nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64 (nginx:1.24)",
"product_id": "nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl-debuginfo@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=aarch64\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"product": {
"name": "nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64 (nginx:1.24)",
"product_id": "nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=aarch64\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"product": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64 (nginx:1.24)",
"product_id": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter-debuginfo@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=aarch64\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"product": {
"name": "nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64 (nginx:1.24)",
"product_id": "nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=aarch64\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"product": {
"name": "nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64 (nginx:1.24)",
"product_id": "nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail-debuginfo@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=aarch64\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"product": {
"name": "nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64 (nginx:1.24)",
"product_id": "nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=aarch64\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"product": {
"name": "nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64 (nginx:1.24)",
"product_id": "nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream-debuginfo@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=aarch64\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"product": {
"name": "nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le (nginx:1.24)",
"product_id": "nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=ppc64le\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"product": {
"name": "nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le (nginx:1.24)",
"product_id": "nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debuginfo@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=ppc64le\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"product": {
"name": "nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le (nginx:1.24)",
"product_id": "nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debugsource@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=ppc64le\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"product": {
"name": "nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le (nginx:1.24)",
"product_id": "nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-devel@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=ppc64le\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"product": {
"name": "nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le (nginx:1.24)",
"product_id": "nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=ppc64le\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"product": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le (nginx:1.24)",
"product_id": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter-debuginfo@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=ppc64le\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"product": {
"name": "nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le (nginx:1.24)",
"product_id": "nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=ppc64le\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"product": {
"name": "nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le (nginx:1.24)",
"product_id": "nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl-debuginfo@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=ppc64le\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"product": {
"name": "nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le (nginx:1.24)",
"product_id": "nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=ppc64le\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"product": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le (nginx:1.24)",
"product_id": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter-debuginfo@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=ppc64le\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"product": {
"name": "nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le (nginx:1.24)",
"product_id": "nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=ppc64le\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"product": {
"name": "nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le (nginx:1.24)",
"product_id": "nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail-debuginfo@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=ppc64le\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"product": {
"name": "nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le (nginx:1.24)",
"product_id": "nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=ppc64le\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"product": {
"name": "nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le (nginx:1.24)",
"product_id": "nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream-debuginfo@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=ppc64le\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"product": {
"name": "nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x (nginx:1.24)",
"product_id": "nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=s390x\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"product": {
"name": "nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x (nginx:1.24)",
"product_id": "nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debuginfo@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=s390x\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"product": {
"name": "nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x (nginx:1.24)",
"product_id": "nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debugsource@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=s390x\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"product": {
"name": "nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x (nginx:1.24)",
"product_id": "nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-devel@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=s390x\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"product": {
"name": "nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x (nginx:1.24)",
"product_id": "nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=s390x\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"product": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x (nginx:1.24)",
"product_id": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter-debuginfo@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=s390x\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"product": {
"name": "nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x (nginx:1.24)",
"product_id": "nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=s390x\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"product": {
"name": "nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x (nginx:1.24)",
"product_id": "nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl-debuginfo@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=s390x\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"product": {
"name": "nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x (nginx:1.24)",
"product_id": "nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=s390x\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"product": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x (nginx:1.24)",
"product_id": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter-debuginfo@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=s390x\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"product": {
"name": "nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x (nginx:1.24)",
"product_id": "nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=s390x\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"product": {
"name": "nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x (nginx:1.24)",
"product_id": "nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail-debuginfo@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=s390x\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"product": {
"name": "nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x (nginx:1.24)",
"product_id": "nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=s390x\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"product": {
"name": "nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x (nginx:1.24)",
"product_id": "nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream-debuginfo@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=s390x\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"product": {
"name": "nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64 (nginx:1.24)",
"product_id": "nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=x86_64\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"product": {
"name": "nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64 (nginx:1.24)",
"product_id": "nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debuginfo@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=x86_64\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"product": {
"name": "nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64 (nginx:1.24)",
"product_id": "nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debugsource@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=x86_64\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"product": {
"name": "nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64 (nginx:1.24)",
"product_id": "nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-devel@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=x86_64\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"product": {
"name": "nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64 (nginx:1.24)",
"product_id": "nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=x86_64\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"product": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64 (nginx:1.24)",
"product_id": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter-debuginfo@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=x86_64\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"product": {
"name": "nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64 (nginx:1.24)",
"product_id": "nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=x86_64\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"product": {
"name": "nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64 (nginx:1.24)",
"product_id": "nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl-debuginfo@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=x86_64\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"product": {
"name": "nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64 (nginx:1.24)",
"product_id": "nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=x86_64\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"product": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64 (nginx:1.24)",
"product_id": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter-debuginfo@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=x86_64\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"product": {
"name": "nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64 (nginx:1.24)",
"product_id": "nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=x86_64\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"product": {
"name": "nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64 (nginx:1.24)",
"product_id": "nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail-debuginfo@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=x86_64\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"product": {
"name": "nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64 (nginx:1.24)",
"product_id": "nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=x86_64\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"product": {
"name": "nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64 (nginx:1.24)",
"product_id": "nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream-debuginfo@1.24.0-3.module%2Bel8.10.0%2B24155%2B8a5ade52?arch=x86_64\u0026epoch=1\u0026rpmmod=nginx:1.24:8100020260401080144:489197e6"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24"
},
"product_reference": "nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24"
},
"product_reference": "nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24"
},
"product_reference": "nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.src (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.src::nginx:1.24"
},
"product_reference": "nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.src::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24"
},
"product_reference": "nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-all-modules-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-all-modules-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24"
},
"product_reference": "nginx-all-modules-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24"
},
"product_reference": "nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24"
},
"product_reference": "nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24"
},
"product_reference": "nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24"
},
"product_reference": "nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24"
},
"product_reference": "nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24"
},
"product_reference": "nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24"
},
"product_reference": "nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24"
},
"product_reference": "nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-filesystem-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-filesystem-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24"
},
"product_reference": "nginx-filesystem-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24"
},
"product_reference": "nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24"
},
"product_reference": "nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24"
},
"product_reference": "nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24"
},
"product_reference": "nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24"
},
"product_reference": "nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24"
},
"product_reference": "nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24"
},
"product_reference": "nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24"
},
"product_reference": "nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24"
},
"product_reference": "nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24"
},
"product_reference": "nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24"
},
"product_reference": "nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24"
},
"product_reference": "nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24"
},
"product_reference": "nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24"
},
"product_reference": "nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24"
},
"product_reference": "nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24"
},
"product_reference": "nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24"
},
"product_reference": "nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24"
},
"product_reference": "nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24"
},
"product_reference": "nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24"
},
"product_reference": "nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24"
},
"product_reference": "nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24"
},
"product_reference": "nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24"
},
"product_reference": "nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24"
},
"product_reference": "nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24"
},
"product_reference": "nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24"
},
"product_reference": "nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24"
},
"product_reference": "nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24"
},
"product_reference": "nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24"
},
"product_reference": "nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24"
},
"product_reference": "nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24"
},
"product_reference": "nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24"
},
"product_reference": "nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24"
},
"product_reference": "nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24"
},
"product_reference": "nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24"
},
"product_reference": "nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24"
},
"product_reference": "nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-27651",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-03-24T15:02:32.414082+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2450791"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in NGINX, specifically within the ngx_mail_auth_http_module. When this module is enabled, and CRAM-MD5 or APOP authentication is active with an authentication server that permits retries, undisclosed requests can cause NGINX worker processes to terminate. This can lead to a Denial of Service (DoS), making the affected NGINX instance unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.src::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-all-modules-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-filesystem-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27651"
},
{
"category": "external",
"summary": "RHBZ#2450791",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450791"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27651",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27651"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27651",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27651"
},
{
"category": "external",
"summary": "https://my.f5.com/manage/s/article/K000160383",
"url": "https://my.f5.com/manage/s/article/K000160383"
}
],
"release_date": "2026-03-24T14:13:27.295000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T20:50:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.src::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-all-modules-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-filesystem-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6907"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.src::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-all-modules-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-filesystem-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.src::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-all-modules-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-filesystem-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled"
},
{
"cve": "CVE-2026-27654",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2026-03-24T15:01:19.814138+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2450776"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in NGINX. A remote attacker can exploit a buffer overflow vulnerability within the ngx_http_dav_module module. This occurs when the NGINX configuration uses DAV module MOVE or COPY methods in conjunction with prefix location and alias directives. Successful exploitation may lead to the termination of the NGINX worker process, resulting in a Denial of Service (DoS), or allow for the modification of source or destination file names outside the intended document root.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.src::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-all-modules-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-filesystem-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27654"
},
{
"category": "external",
"summary": "RHBZ#2450776",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450776"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27654",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27654"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27654",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27654"
},
{
"category": "external",
"summary": "https://my.f5.com/manage/s/article/K000160382",
"url": "https://my.f5.com/manage/s/article/K000160382"
}
],
"release_date": "2026-03-24T14:13:26.879000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T20:50:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.src::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-all-modules-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-filesystem-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6907"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.src::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-all-modules-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-filesystem-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.src::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-all-modules-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-filesystem-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module"
},
{
"cve": "CVE-2026-27784",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2026-03-24T15:02:07.092253+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2450785"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in NGINX Open Source, specifically within the ngx_http_mp4_module. An attacker can exploit this memory corruption vulnerability by providing a specially crafted MP4 file. This can lead to an over-read or over-write of NGINX worker memory, causing the worker to terminate and resulting in a Denial of Service (DoS). This issue affects 32-bit NGINX Open Source when built with the ngx_http_mp4_module and the mp4 directive is used.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "NGINX: NGINX: Denial of Service due to memory corruption via crafted MP4 file",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.src::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-all-modules-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-filesystem-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27784"
},
{
"category": "external",
"summary": "RHBZ#2450785",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450785"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27784",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27784"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27784",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27784"
},
{
"category": "external",
"summary": "https://my.f5.com/manage/s/article/K000160364",
"url": "https://my.f5.com/manage/s/article/K000160364"
}
],
"release_date": "2026-03-24T14:13:25.343000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T20:50:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.src::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-all-modules-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-filesystem-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6907"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.src::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-all-modules-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-filesystem-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.src::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-all-modules-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-filesystem-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "NGINX: NGINX: Denial of Service due to memory corruption via crafted MP4 file"
},
{
"acknowledgments": [
{
"names": [
"Pavel Kohout"
],
"organization": "Aisle Research"
}
],
"cve": "CVE-2026-32647",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2026-03-20T11:44:34.715000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449598"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in NGINX\u0027s ngx_http_mp4_module. This Out-of-Bounds Read/Write vulnerability occurs due to improper handling of specially crafted MP4 files. A local authenticated attacker, by supplying a malicious MP4 file, can trigger a buffer over-read or overwrite in worker memory. This can lead to process termination, potentially causing a denial-of-service or, under certain conditions, achieving code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This IMPORTANT vulnerability in the NGINX ngx_http_mp4_module is due to improper handling of specially crafted MP4 files. A local authenticated attacker could exploit this flaw by providing a malicious MP4 file, leading to a denial of service or potentially arbitrary code execution. Red Hat products utilizing NGINX with the ngx_http_mp4_module enabled are affected if untrusted MP4 files are processed.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.src::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-all-modules-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-filesystem-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32647"
},
{
"category": "external",
"summary": "RHBZ#2449598",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449598"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32647",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32647"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32647",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32647"
},
{
"category": "external",
"summary": "https://my.f5.com/manage/s/article/K000160366",
"url": "https://my.f5.com/manage/s/article/K000160366"
}
],
"release_date": "2026-03-24T18:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T20:50:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.src::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-all-modules-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-filesystem-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6907"
},
{
"category": "workaround",
"details": "To mitigate this issue, disable the ngx_http_mp4_module in your NGINX configuration if MP4 file processing is not required. This can be done by commenting out or removing the mp4 directive from the NGINX configuration file. After modifying the configuration, a reload or restart of the NGINX service is required for the changes to take effect.\n\nAlternatively, restrict access to the NGINX server to trusted networks and users to prevent the upload and processing of malicious MP4 files.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.src::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-all-modules-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-filesystem-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.src::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-all-modules-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-debugsource-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-filesystem-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.noarch::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-devel-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.aarch64::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.ppc64le::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.s390x::nginx:1.24",
"AppStream-8.10.0.Z.MAIN.EUS:nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+24155+8a5ade52.x86_64::nginx:1.24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files"
}
]
}
RHSA-2026:7343
Vulnerability from csaf_redhat - Published: 2026-04-09 19:00 - Updated: 2026-04-10 01:26Summary
Red Hat Security Advisory: nginx:1.26 security update
Severity
Important
Notes
Topic: An update for the nginx:1.26 module is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage.
Security Fix(es):
* nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files (CVE-2026-32647)
* NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module (CVE-2026-27654)
* NGINX: NGINX: Denial of Service due to memory corruption via crafted MP4 file (CVE-2026-27784)
* NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled (CVE-2026-27651)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in NGINX, specifically within the ngx_mail_auth_http_module. When this module is enabled, and CRAM-MD5 or APOP authentication is active with an authentication server that permits retries, undisclosed requests can cause NGINX worker processes to terminate. This can lead to a Denial of Service (DoS), making the affected NGINX instance unavailable to legitimate users.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:7343
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in NGINX. A remote attacker can exploit a buffer overflow vulnerability within the ngx_http_dav_module module. This occurs when the NGINX configuration uses DAV module MOVE or COPY methods in conjunction with prefix location and alias directives. Successful exploitation may lead to the termination of the NGINX worker process, resulting in a Denial of Service (DoS), or allow for the modification of source or destination file names outside the intended document root.
8.2 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:7343
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in NGINX Open Source, specifically within the ngx_http_mp4_module. An attacker can exploit this memory corruption vulnerability by providing a specially crafted MP4 file. This can lead to an over-read or over-write of NGINX worker memory, causing the worker to terminate and resulting in a Denial of Service (DoS). This issue affects 32-bit NGINX Open Source when built with the ngx_http_mp4_module and the mp4 directive is used.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:7343
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in NGINX's ngx_http_mp4_module. This Out-of-Bounds Read/Write vulnerability occurs due to improper handling of specially crafted MP4 files. A local authenticated attacker, by supplying a malicious MP4 file, can trigger a buffer over-read or overwrite in worker memory. This can lead to process termination, potentially causing a denial-of-service or, under certain conditions, achieving code execution.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:7343
Workaround
To mitigate this issue, disable the ngx_http_mp4_module in your NGINX configuration if MP4 file processing is not required. This can be done by commenting out or removing the mp4 directive from the NGINX configuration file. After modifying the configuration, a reload or restart of the NGINX service is required for the changes to take effect.
Alternatively, restrict access to the NGINX server to trusted networks and users to prevent the upload and processing of malicious MP4 files.
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Acknowledgments
Aisle Research
Pavel Kohout
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the nginx:1.26 module is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. \n\nSecurity Fix(es):\n\n* nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files (CVE-2026-32647)\n\n* NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module (CVE-2026-27654)\n\n* NGINX: NGINX: Denial of Service due to memory corruption via crafted MP4 file (CVE-2026-27784)\n\n* NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled (CVE-2026-27651)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:7343",
"url": "https://access.redhat.com/errata/RHSA-2026:7343"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2449598",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449598"
},
{
"category": "external",
"summary": "2450776",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450776"
},
{
"category": "external",
"summary": "2450785",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450785"
},
{
"category": "external",
"summary": "2450791",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450791"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_7343.json"
}
],
"title": "Red Hat Security Advisory: nginx:1.26 security update",
"tracking": {
"current_release_date": "2026-04-10T01:26:15+00:00",
"generator": {
"date": "2026-04-10T01:26:15+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHSA-2026:7343",
"initial_release_date": "2026-04-09T19:00:58+00:00",
"revision_history": [
{
"date": "2026-04-09T19:00:58+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-09T19:00:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-10T01:26:15+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.src::nginx:1.26",
"product": {
"name": "nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.src (nginx:1.26)",
"product_id": "nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.src::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=src\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-all-modules-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"product": {
"name": "nginx-all-modules-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch (nginx:1.26)",
"product_id": "nginx-all-modules-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-all-modules@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=noarch\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-filesystem-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"product": {
"name": "nginx-filesystem-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch (nginx:1.26)",
"product_id": "nginx-filesystem-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-filesystem@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=noarch\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"product": {
"name": "nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64 (nginx:1.26)",
"product_id": "nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=aarch64\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"product": {
"name": "nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64 (nginx:1.26)",
"product_id": "nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=aarch64\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"product": {
"name": "nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64 (nginx:1.26)",
"product_id": "nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core-debuginfo@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=aarch64\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"product": {
"name": "nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64 (nginx:1.26)",
"product_id": "nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debuginfo@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=aarch64\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"product": {
"name": "nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64 (nginx:1.26)",
"product_id": "nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debugsource@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=aarch64\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"product": {
"name": "nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64 (nginx:1.26)",
"product_id": "nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-devel@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=aarch64\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"product": {
"name": "nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64 (nginx:1.26)",
"product_id": "nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=aarch64\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"product": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64 (nginx:1.26)",
"product_id": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter-debuginfo@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=aarch64\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"product": {
"name": "nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64 (nginx:1.26)",
"product_id": "nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=aarch64\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"product": {
"name": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64 (nginx:1.26)",
"product_id": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl-debuginfo@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=aarch64\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"product": {
"name": "nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64 (nginx:1.26)",
"product_id": "nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=aarch64\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"product": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64 (nginx:1.26)",
"product_id": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter-debuginfo@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=aarch64\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"product": {
"name": "nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64 (nginx:1.26)",
"product_id": "nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=aarch64\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"product": {
"name": "nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64 (nginx:1.26)",
"product_id": "nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail-debuginfo@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=aarch64\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"product": {
"name": "nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64 (nginx:1.26)",
"product_id": "nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=aarch64\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"product": {
"name": "nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64 (nginx:1.26)",
"product_id": "nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream-debuginfo@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=aarch64\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"product": {
"name": "nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le (nginx:1.26)",
"product_id": "nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=ppc64le\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"product": {
"name": "nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le (nginx:1.26)",
"product_id": "nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=ppc64le\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"product": {
"name": "nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le (nginx:1.26)",
"product_id": "nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core-debuginfo@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=ppc64le\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"product": {
"name": "nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le (nginx:1.26)",
"product_id": "nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debuginfo@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=ppc64le\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"product": {
"name": "nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le (nginx:1.26)",
"product_id": "nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debugsource@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=ppc64le\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"product": {
"name": "nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le (nginx:1.26)",
"product_id": "nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-devel@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=ppc64le\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"product": {
"name": "nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le (nginx:1.26)",
"product_id": "nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=ppc64le\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"product": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le (nginx:1.26)",
"product_id": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter-debuginfo@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=ppc64le\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"product": {
"name": "nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le (nginx:1.26)",
"product_id": "nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=ppc64le\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"product": {
"name": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le (nginx:1.26)",
"product_id": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl-debuginfo@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=ppc64le\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"product": {
"name": "nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le (nginx:1.26)",
"product_id": "nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=ppc64le\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"product": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le (nginx:1.26)",
"product_id": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter-debuginfo@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=ppc64le\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"product": {
"name": "nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le (nginx:1.26)",
"product_id": "nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=ppc64le\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"product": {
"name": "nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le (nginx:1.26)",
"product_id": "nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail-debuginfo@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=ppc64le\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"product": {
"name": "nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le (nginx:1.26)",
"product_id": "nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=ppc64le\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"product": {
"name": "nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le (nginx:1.26)",
"product_id": "nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream-debuginfo@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=ppc64le\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"product": {
"name": "nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x (nginx:1.26)",
"product_id": "nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=s390x\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"product": {
"name": "nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x (nginx:1.26)",
"product_id": "nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=s390x\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"product": {
"name": "nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x (nginx:1.26)",
"product_id": "nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core-debuginfo@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=s390x\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"product": {
"name": "nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x (nginx:1.26)",
"product_id": "nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debuginfo@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=s390x\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"product": {
"name": "nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x (nginx:1.26)",
"product_id": "nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debugsource@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=s390x\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"product": {
"name": "nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x (nginx:1.26)",
"product_id": "nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-devel@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=s390x\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"product": {
"name": "nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x (nginx:1.26)",
"product_id": "nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=s390x\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"product": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x (nginx:1.26)",
"product_id": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter-debuginfo@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=s390x\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"product": {
"name": "nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x (nginx:1.26)",
"product_id": "nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=s390x\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"product": {
"name": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x (nginx:1.26)",
"product_id": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl-debuginfo@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=s390x\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"product": {
"name": "nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x (nginx:1.26)",
"product_id": "nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=s390x\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"product": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x (nginx:1.26)",
"product_id": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter-debuginfo@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=s390x\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"product": {
"name": "nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x (nginx:1.26)",
"product_id": "nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=s390x\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"product": {
"name": "nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x (nginx:1.26)",
"product_id": "nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail-debuginfo@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=s390x\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"product": {
"name": "nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x (nginx:1.26)",
"product_id": "nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=s390x\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"product": {
"name": "nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x (nginx:1.26)",
"product_id": "nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream-debuginfo@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=s390x\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"product": {
"name": "nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64 (nginx:1.26)",
"product_id": "nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=x86_64\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"product": {
"name": "nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64 (nginx:1.26)",
"product_id": "nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=x86_64\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"product": {
"name": "nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64 (nginx:1.26)",
"product_id": "nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core-debuginfo@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=x86_64\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"product": {
"name": "nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64 (nginx:1.26)",
"product_id": "nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debuginfo@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=x86_64\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"product": {
"name": "nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64 (nginx:1.26)",
"product_id": "nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debugsource@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=x86_64\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"product": {
"name": "nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64 (nginx:1.26)",
"product_id": "nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-devel@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=x86_64\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"product": {
"name": "nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64 (nginx:1.26)",
"product_id": "nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=x86_64\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"product": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64 (nginx:1.26)",
"product_id": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter-debuginfo@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=x86_64\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"product": {
"name": "nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64 (nginx:1.26)",
"product_id": "nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=x86_64\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"product": {
"name": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64 (nginx:1.26)",
"product_id": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl-debuginfo@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=x86_64\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"product": {
"name": "nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64 (nginx:1.26)",
"product_id": "nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=x86_64\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"product": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64 (nginx:1.26)",
"product_id": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter-debuginfo@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=x86_64\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"product": {
"name": "nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64 (nginx:1.26)",
"product_id": "nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=x86_64\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"product": {
"name": "nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64 (nginx:1.26)",
"product_id": "nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail-debuginfo@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=x86_64\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"product": {
"name": "nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64 (nginx:1.26)",
"product_id": "nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=x86_64\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"product": {
"name": "nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64 (nginx:1.26)",
"product_id": "nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream-debuginfo@1.26.3-2.module%2Bel9.7.0%2B24173%2B4204b761.1?arch=x86_64\u0026epoch=2\u0026rpmmod=nginx:1.26:9070020260407080353:9"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64 (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26"
},
"product_reference": "nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26"
},
"product_reference": "nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26"
},
"product_reference": "nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.src (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.src::nginx:1.26"
},
"product_reference": "nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.src::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64 (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26"
},
"product_reference": "nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-all-modules-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-all-modules-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26"
},
"product_reference": "nginx-all-modules-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64 (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26"
},
"product_reference": "nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26"
},
"product_reference": "nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26"
},
"product_reference": "nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64 (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26"
},
"product_reference": "nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64 (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26"
},
"product_reference": "nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26"
},
"product_reference": "nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26"
},
"product_reference": "nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64 (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26"
},
"product_reference": "nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64 (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26"
},
"product_reference": "nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26"
},
"product_reference": "nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26"
},
"product_reference": "nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64 (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26"
},
"product_reference": "nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64 (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26"
},
"product_reference": "nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26"
},
"product_reference": "nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26"
},
"product_reference": "nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64 (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26"
},
"product_reference": "nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-filesystem-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-filesystem-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26"
},
"product_reference": "nginx-filesystem-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64 (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26"
},
"product_reference": "nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26"
},
"product_reference": "nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26"
},
"product_reference": "nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64 (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26"
},
"product_reference": "nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64 (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26"
},
"product_reference": "nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26"
},
"product_reference": "nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26"
},
"product_reference": "nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64 (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26"
},
"product_reference": "nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64 (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64 (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64 (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26"
},
"product_reference": "nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26"
},
"product_reference": "nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26"
},
"product_reference": "nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64 (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26"
},
"product_reference": "nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64 (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26"
},
"product_reference": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26"
},
"product_reference": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26"
},
"product_reference": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64 (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26"
},
"product_reference": "nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64 (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26"
},
"product_reference": "nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26"
},
"product_reference": "nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26"
},
"product_reference": "nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64 (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26"
},
"product_reference": "nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64 (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64 (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64 (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26"
},
"product_reference": "nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26"
},
"product_reference": "nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26"
},
"product_reference": "nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64 (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26"
},
"product_reference": "nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64 (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26"
},
"product_reference": "nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26"
},
"product_reference": "nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26"
},
"product_reference": "nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64 (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26"
},
"product_reference": "nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64 (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26"
},
"product_reference": "nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26"
},
"product_reference": "nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26"
},
"product_reference": "nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64 (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26"
},
"product_reference": "nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64 (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26"
},
"product_reference": "nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26"
},
"product_reference": "nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26"
},
"product_reference": "nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64 (nginx:1.26) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26"
},
"product_reference": "nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-27651",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-03-24T15:02:32.414082+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2450791"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in NGINX, specifically within the ngx_mail_auth_http_module. When this module is enabled, and CRAM-MD5 or APOP authentication is active with an authentication server that permits retries, undisclosed requests can cause NGINX worker processes to terminate. This can lead to a Denial of Service (DoS), making the affected NGINX instance unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.src::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27651"
},
{
"category": "external",
"summary": "RHBZ#2450791",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450791"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27651",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27651"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27651",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27651"
},
{
"category": "external",
"summary": "https://my.f5.com/manage/s/article/K000160383",
"url": "https://my.f5.com/manage/s/article/K000160383"
}
],
"release_date": "2026-03-24T14:13:27.295000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T19:00:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.src::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7343"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.src::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.src::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled"
},
{
"cve": "CVE-2026-27654",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2026-03-24T15:01:19.814138+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2450776"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in NGINX. A remote attacker can exploit a buffer overflow vulnerability within the ngx_http_dav_module module. This occurs when the NGINX configuration uses DAV module MOVE or COPY methods in conjunction with prefix location and alias directives. Successful exploitation may lead to the termination of the NGINX worker process, resulting in a Denial of Service (DoS), or allow for the modification of source or destination file names outside the intended document root.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.src::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27654"
},
{
"category": "external",
"summary": "RHBZ#2450776",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450776"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27654",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27654"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27654",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27654"
},
{
"category": "external",
"summary": "https://my.f5.com/manage/s/article/K000160382",
"url": "https://my.f5.com/manage/s/article/K000160382"
}
],
"release_date": "2026-03-24T14:13:26.879000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T19:00:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.src::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7343"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.src::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.src::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module"
},
{
"cve": "CVE-2026-27784",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2026-03-24T15:02:07.092253+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2450785"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in NGINX Open Source, specifically within the ngx_http_mp4_module. An attacker can exploit this memory corruption vulnerability by providing a specially crafted MP4 file. This can lead to an over-read or over-write of NGINX worker memory, causing the worker to terminate and resulting in a Denial of Service (DoS). This issue affects 32-bit NGINX Open Source when built with the ngx_http_mp4_module and the mp4 directive is used.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "NGINX: NGINX: Denial of Service due to memory corruption via crafted MP4 file",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.src::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27784"
},
{
"category": "external",
"summary": "RHBZ#2450785",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450785"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27784",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27784"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27784",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27784"
},
{
"category": "external",
"summary": "https://my.f5.com/manage/s/article/K000160364",
"url": "https://my.f5.com/manage/s/article/K000160364"
}
],
"release_date": "2026-03-24T14:13:25.343000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T19:00:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.src::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7343"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.src::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.src::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "NGINX: NGINX: Denial of Service due to memory corruption via crafted MP4 file"
},
{
"acknowledgments": [
{
"names": [
"Pavel Kohout"
],
"organization": "Aisle Research"
}
],
"cve": "CVE-2026-32647",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2026-03-20T11:44:34.715000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449598"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in NGINX\u0027s ngx_http_mp4_module. This Out-of-Bounds Read/Write vulnerability occurs due to improper handling of specially crafted MP4 files. A local authenticated attacker, by supplying a malicious MP4 file, can trigger a buffer over-read or overwrite in worker memory. This can lead to process termination, potentially causing a denial-of-service or, under certain conditions, achieving code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This IMPORTANT vulnerability in the NGINX ngx_http_mp4_module is due to improper handling of specially crafted MP4 files. A local authenticated attacker could exploit this flaw by providing a malicious MP4 file, leading to a denial of service or potentially arbitrary code execution. Red Hat products utilizing NGINX with the ngx_http_mp4_module enabled are affected if untrusted MP4 files are processed.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.src::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32647"
},
{
"category": "external",
"summary": "RHBZ#2449598",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449598"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32647",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32647"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32647",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32647"
},
{
"category": "external",
"summary": "https://my.f5.com/manage/s/article/K000160366",
"url": "https://my.f5.com/manage/s/article/K000160366"
}
],
"release_date": "2026-03-24T18:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T19:00:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.src::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7343"
},
{
"category": "workaround",
"details": "To mitigate this issue, disable the ngx_http_mp4_module in your NGINX configuration if MP4 file processing is not required. This can be done by commenting out or removing the mp4 directive from the NGINX configuration file. After modifying the configuration, a reload or restart of the NGINX service is required for the changes to take effect.\n\nAlternatively, restrict access to the NGINX server to trusted networks and users to prevent the upload and processing of malicious MP4 files.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.src::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.src::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.noarch::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.aarch64::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.ppc64le::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.s390x::nginx:1.26",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+24173+4204b761.1.x86_64::nginx:1.26"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files"
}
]
}
RHSA-2026:6923
Vulnerability from csaf_redhat - Published: 2026-04-07 21:43 - Updated: 2026-04-10 01:26Summary
Red Hat Security Advisory: nginx:1.24 security update
Severity
Important
Notes
Topic: An update for the nginx:1.24 module is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage.
Security Fix(es):
* nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files (CVE-2026-32647)
* NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module (CVE-2026-27654)
* NGINX: NGINX: Denial of Service due to memory corruption via crafted MP4 file (CVE-2026-27784)
* NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled (CVE-2026-27651)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in NGINX, specifically within the ngx_mail_auth_http_module. When this module is enabled, and CRAM-MD5 or APOP authentication is active with an authentication server that permits retries, undisclosed requests can cause NGINX worker processes to terminate. This can lead to a Denial of Service (DoS), making the affected NGINX instance unavailable to legitimate users.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6923
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in NGINX. A remote attacker can exploit a buffer overflow vulnerability within the ngx_http_dav_module module. This occurs when the NGINX configuration uses DAV module MOVE or COPY methods in conjunction with prefix location and alias directives. Successful exploitation may lead to the termination of the NGINX worker process, resulting in a Denial of Service (DoS), or allow for the modification of source or destination file names outside the intended document root.
8.2 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6923
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in NGINX Open Source, specifically within the ngx_http_mp4_module. An attacker can exploit this memory corruption vulnerability by providing a specially crafted MP4 file. This can lead to an over-read or over-write of NGINX worker memory, causing the worker to terminate and resulting in a Denial of Service (DoS). This issue affects 32-bit NGINX Open Source when built with the ngx_http_mp4_module and the mp4 directive is used.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6923
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in NGINX's ngx_http_mp4_module. This Out-of-Bounds Read/Write vulnerability occurs due to improper handling of specially crafted MP4 files. A local authenticated attacker, by supplying a malicious MP4 file, can trigger a buffer over-read or overwrite in worker memory. This can lead to process termination, potentially causing a denial-of-service or, under certain conditions, achieving code execution.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6923
Workaround
To mitigate this issue, disable the ngx_http_mp4_module in your NGINX configuration if MP4 file processing is not required. This can be done by commenting out or removing the mp4 directive from the NGINX configuration file. After modifying the configuration, a reload or restart of the NGINX service is required for the changes to take effect.
Alternatively, restrict access to the NGINX server to trusted networks and users to prevent the upload and processing of malicious MP4 files.
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Acknowledgments
Aisle Research
Pavel Kohout
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the nginx:1.24 module is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. \n\nSecurity Fix(es):\n\n* nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files (CVE-2026-32647)\n\n* NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module (CVE-2026-27654)\n\n* NGINX: NGINX: Denial of Service due to memory corruption via crafted MP4 file (CVE-2026-27784)\n\n* NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled (CVE-2026-27651)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:6923",
"url": "https://access.redhat.com/errata/RHSA-2026:6923"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2449598",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449598"
},
{
"category": "external",
"summary": "2450776",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450776"
},
{
"category": "external",
"summary": "2450785",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450785"
},
{
"category": "external",
"summary": "2450791",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450791"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_6923.json"
}
],
"title": "Red Hat Security Advisory: nginx:1.24 security update",
"tracking": {
"current_release_date": "2026-04-10T01:26:13+00:00",
"generator": {
"date": "2026-04-10T01:26:13+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHSA-2026:6923",
"initial_release_date": "2026-04-07T21:43:30+00:00",
"revision_history": [
{
"date": "2026-04-07T21:43:30+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-07T21:43:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-10T01:26:13+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.src::nginx:1.24",
"product": {
"name": "nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.src (nginx:1.24)",
"product_id": "nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.src::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=src\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-all-modules-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"product": {
"name": "nginx-all-modules-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch (nginx:1.24)",
"product_id": "nginx-all-modules-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-all-modules@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=noarch\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-filesystem-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"product": {
"name": "nginx-filesystem-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch (nginx:1.24)",
"product_id": "nginx-filesystem-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-filesystem@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=noarch\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"product": {
"name": "nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64 (nginx:1.24)",
"product_id": "nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=aarch64\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"product": {
"name": "nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64 (nginx:1.24)",
"product_id": "nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=aarch64\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"product": {
"name": "nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64 (nginx:1.24)",
"product_id": "nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core-debuginfo@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=aarch64\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"product": {
"name": "nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64 (nginx:1.24)",
"product_id": "nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debuginfo@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=aarch64\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"product": {
"name": "nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64 (nginx:1.24)",
"product_id": "nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debugsource@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=aarch64\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"product": {
"name": "nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64 (nginx:1.24)",
"product_id": "nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-devel@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=aarch64\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"product": {
"name": "nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64 (nginx:1.24)",
"product_id": "nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=aarch64\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"product": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64 (nginx:1.24)",
"product_id": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter-debuginfo@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=aarch64\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"product": {
"name": "nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64 (nginx:1.24)",
"product_id": "nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=aarch64\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"product": {
"name": "nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64 (nginx:1.24)",
"product_id": "nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl-debuginfo@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=aarch64\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"product": {
"name": "nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64 (nginx:1.24)",
"product_id": "nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=aarch64\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"product": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64 (nginx:1.24)",
"product_id": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter-debuginfo@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=aarch64\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"product": {
"name": "nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64 (nginx:1.24)",
"product_id": "nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=aarch64\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"product": {
"name": "nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64 (nginx:1.24)",
"product_id": "nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail-debuginfo@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=aarch64\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"product": {
"name": "nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64 (nginx:1.24)",
"product_id": "nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=aarch64\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"product": {
"name": "nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64 (nginx:1.24)",
"product_id": "nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream-debuginfo@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=aarch64\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"product": {
"name": "nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le (nginx:1.24)",
"product_id": "nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=ppc64le\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"product": {
"name": "nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le (nginx:1.24)",
"product_id": "nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=ppc64le\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"product": {
"name": "nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le (nginx:1.24)",
"product_id": "nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core-debuginfo@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=ppc64le\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"product": {
"name": "nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le (nginx:1.24)",
"product_id": "nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debuginfo@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=ppc64le\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"product": {
"name": "nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le (nginx:1.24)",
"product_id": "nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debugsource@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=ppc64le\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"product": {
"name": "nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le (nginx:1.24)",
"product_id": "nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-devel@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=ppc64le\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"product": {
"name": "nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le (nginx:1.24)",
"product_id": "nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=ppc64le\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"product": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le (nginx:1.24)",
"product_id": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter-debuginfo@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=ppc64le\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"product": {
"name": "nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le (nginx:1.24)",
"product_id": "nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=ppc64le\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"product": {
"name": "nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le (nginx:1.24)",
"product_id": "nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl-debuginfo@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=ppc64le\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"product": {
"name": "nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le (nginx:1.24)",
"product_id": "nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=ppc64le\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"product": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le (nginx:1.24)",
"product_id": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter-debuginfo@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=ppc64le\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"product": {
"name": "nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le (nginx:1.24)",
"product_id": "nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=ppc64le\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"product": {
"name": "nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le (nginx:1.24)",
"product_id": "nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail-debuginfo@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=ppc64le\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"product": {
"name": "nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le (nginx:1.24)",
"product_id": "nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=ppc64le\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"product": {
"name": "nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le (nginx:1.24)",
"product_id": "nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream-debuginfo@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=ppc64le\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"product": {
"name": "nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x (nginx:1.24)",
"product_id": "nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=s390x\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"product": {
"name": "nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x (nginx:1.24)",
"product_id": "nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=s390x\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"product": {
"name": "nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x (nginx:1.24)",
"product_id": "nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core-debuginfo@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=s390x\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"product": {
"name": "nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x (nginx:1.24)",
"product_id": "nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debuginfo@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=s390x\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"product": {
"name": "nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x (nginx:1.24)",
"product_id": "nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debugsource@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=s390x\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"product": {
"name": "nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x (nginx:1.24)",
"product_id": "nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-devel@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=s390x\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"product": {
"name": "nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x (nginx:1.24)",
"product_id": "nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=s390x\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"product": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x (nginx:1.24)",
"product_id": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter-debuginfo@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=s390x\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"product": {
"name": "nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x (nginx:1.24)",
"product_id": "nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=s390x\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"product": {
"name": "nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x (nginx:1.24)",
"product_id": "nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl-debuginfo@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=s390x\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"product": {
"name": "nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x (nginx:1.24)",
"product_id": "nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=s390x\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"product": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x (nginx:1.24)",
"product_id": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter-debuginfo@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=s390x\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"product": {
"name": "nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x (nginx:1.24)",
"product_id": "nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=s390x\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"product": {
"name": "nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x (nginx:1.24)",
"product_id": "nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail-debuginfo@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=s390x\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"product": {
"name": "nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x (nginx:1.24)",
"product_id": "nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=s390x\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"product": {
"name": "nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x (nginx:1.24)",
"product_id": "nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream-debuginfo@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=s390x\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"product": {
"name": "nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64 (nginx:1.24)",
"product_id": "nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=x86_64\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"product": {
"name": "nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64 (nginx:1.24)",
"product_id": "nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=x86_64\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"product": {
"name": "nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64 (nginx:1.24)",
"product_id": "nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core-debuginfo@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=x86_64\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"product": {
"name": "nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64 (nginx:1.24)",
"product_id": "nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debuginfo@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=x86_64\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"product": {
"name": "nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64 (nginx:1.24)",
"product_id": "nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debugsource@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=x86_64\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"product": {
"name": "nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64 (nginx:1.24)",
"product_id": "nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-devel@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=x86_64\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"product": {
"name": "nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64 (nginx:1.24)",
"product_id": "nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=x86_64\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"product": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64 (nginx:1.24)",
"product_id": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter-debuginfo@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=x86_64\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"product": {
"name": "nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64 (nginx:1.24)",
"product_id": "nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=x86_64\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"product": {
"name": "nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64 (nginx:1.24)",
"product_id": "nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl-debuginfo@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=x86_64\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"product": {
"name": "nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64 (nginx:1.24)",
"product_id": "nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=x86_64\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"product": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64 (nginx:1.24)",
"product_id": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter-debuginfo@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=x86_64\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"product": {
"name": "nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64 (nginx:1.24)",
"product_id": "nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=x86_64\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"product": {
"name": "nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64 (nginx:1.24)",
"product_id": "nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail-debuginfo@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=x86_64\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"product": {
"name": "nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64 (nginx:1.24)",
"product_id": "nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=x86_64\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"product": {
"name": "nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64 (nginx:1.24)",
"product_id": "nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream-debuginfo@1.24.0-5.module%2Bel9.7.0%2B24151%2Bc43a3acf.2?arch=x86_64\u0026epoch=1\u0026rpmmod=nginx:1.24:9070020260331134728:9"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24"
},
"product_reference": "nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24"
},
"product_reference": "nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24"
},
"product_reference": "nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.src (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.src::nginx:1.24"
},
"product_reference": "nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.src::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24"
},
"product_reference": "nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-all-modules-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-all-modules-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24"
},
"product_reference": "nginx-all-modules-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24"
},
"product_reference": "nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24"
},
"product_reference": "nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24"
},
"product_reference": "nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24"
},
"product_reference": "nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24"
},
"product_reference": "nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24"
},
"product_reference": "nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24"
},
"product_reference": "nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24"
},
"product_reference": "nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24"
},
"product_reference": "nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24"
},
"product_reference": "nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24"
},
"product_reference": "nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24"
},
"product_reference": "nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24"
},
"product_reference": "nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24"
},
"product_reference": "nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24"
},
"product_reference": "nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24"
},
"product_reference": "nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-filesystem-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-filesystem-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24"
},
"product_reference": "nginx-filesystem-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24"
},
"product_reference": "nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24"
},
"product_reference": "nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24"
},
"product_reference": "nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24"
},
"product_reference": "nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24"
},
"product_reference": "nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24"
},
"product_reference": "nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24"
},
"product_reference": "nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24"
},
"product_reference": "nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24"
},
"product_reference": "nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24"
},
"product_reference": "nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24"
},
"product_reference": "nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24"
},
"product_reference": "nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24"
},
"product_reference": "nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24"
},
"product_reference": "nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24"
},
"product_reference": "nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24"
},
"product_reference": "nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24"
},
"product_reference": "nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24"
},
"product_reference": "nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24"
},
"product_reference": "nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24"
},
"product_reference": "nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24"
},
"product_reference": "nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24"
},
"product_reference": "nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24"
},
"product_reference": "nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24"
},
"product_reference": "nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24"
},
"product_reference": "nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24"
},
"product_reference": "nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24"
},
"product_reference": "nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24"
},
"product_reference": "nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24"
},
"product_reference": "nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24"
},
"product_reference": "nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24"
},
"product_reference": "nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24"
},
"product_reference": "nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24"
},
"product_reference": "nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24"
},
"product_reference": "nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24"
},
"product_reference": "nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64 (nginx:1.24) as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24"
},
"product_reference": "nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-27651",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-03-24T15:02:32.414082+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2450791"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in NGINX, specifically within the ngx_mail_auth_http_module. When this module is enabled, and CRAM-MD5 or APOP authentication is active with an authentication server that permits retries, undisclosed requests can cause NGINX worker processes to terminate. This can lead to a Denial of Service (DoS), making the affected NGINX instance unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.src::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27651"
},
{
"category": "external",
"summary": "RHBZ#2450791",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450791"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27651",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27651"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27651",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27651"
},
{
"category": "external",
"summary": "https://my.f5.com/manage/s/article/K000160383",
"url": "https://my.f5.com/manage/s/article/K000160383"
}
],
"release_date": "2026-03-24T14:13:27.295000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T21:43:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.src::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6923"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.src::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.src::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled"
},
{
"cve": "CVE-2026-27654",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2026-03-24T15:01:19.814138+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2450776"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in NGINX. A remote attacker can exploit a buffer overflow vulnerability within the ngx_http_dav_module module. This occurs when the NGINX configuration uses DAV module MOVE or COPY methods in conjunction with prefix location and alias directives. Successful exploitation may lead to the termination of the NGINX worker process, resulting in a Denial of Service (DoS), or allow for the modification of source or destination file names outside the intended document root.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.src::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27654"
},
{
"category": "external",
"summary": "RHBZ#2450776",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450776"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27654",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27654"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27654",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27654"
},
{
"category": "external",
"summary": "https://my.f5.com/manage/s/article/K000160382",
"url": "https://my.f5.com/manage/s/article/K000160382"
}
],
"release_date": "2026-03-24T14:13:26.879000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T21:43:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.src::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6923"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.src::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.src::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module"
},
{
"cve": "CVE-2026-27784",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2026-03-24T15:02:07.092253+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2450785"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in NGINX Open Source, specifically within the ngx_http_mp4_module. An attacker can exploit this memory corruption vulnerability by providing a specially crafted MP4 file. This can lead to an over-read or over-write of NGINX worker memory, causing the worker to terminate and resulting in a Denial of Service (DoS). This issue affects 32-bit NGINX Open Source when built with the ngx_http_mp4_module and the mp4 directive is used.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "NGINX: NGINX: Denial of Service due to memory corruption via crafted MP4 file",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.src::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27784"
},
{
"category": "external",
"summary": "RHBZ#2450785",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450785"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27784",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27784"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27784",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27784"
},
{
"category": "external",
"summary": "https://my.f5.com/manage/s/article/K000160364",
"url": "https://my.f5.com/manage/s/article/K000160364"
}
],
"release_date": "2026-03-24T14:13:25.343000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T21:43:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.src::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6923"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.src::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.src::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "NGINX: NGINX: Denial of Service due to memory corruption via crafted MP4 file"
},
{
"acknowledgments": [
{
"names": [
"Pavel Kohout"
],
"organization": "Aisle Research"
}
],
"cve": "CVE-2026-32647",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2026-03-20T11:44:34.715000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449598"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in NGINX\u0027s ngx_http_mp4_module. This Out-of-Bounds Read/Write vulnerability occurs due to improper handling of specially crafted MP4 files. A local authenticated attacker, by supplying a malicious MP4 file, can trigger a buffer over-read or overwrite in worker memory. This can lead to process termination, potentially causing a denial-of-service or, under certain conditions, achieving code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This IMPORTANT vulnerability in the NGINX ngx_http_mp4_module is due to improper handling of specially crafted MP4 files. A local authenticated attacker could exploit this flaw by providing a malicious MP4 file, leading to a denial of service or potentially arbitrary code execution. Red Hat products utilizing NGINX with the ngx_http_mp4_module enabled are affected if untrusted MP4 files are processed.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.src::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32647"
},
{
"category": "external",
"summary": "RHBZ#2449598",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449598"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32647",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32647"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32647",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32647"
},
{
"category": "external",
"summary": "https://my.f5.com/manage/s/article/K000160366",
"url": "https://my.f5.com/manage/s/article/K000160366"
}
],
"release_date": "2026-03-24T18:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T21:43:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.src::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6923"
},
{
"category": "workaround",
"details": "To mitigate this issue, disable the ngx_http_mp4_module in your NGINX configuration if MP4 file processing is not required. This can be done by commenting out or removing the mp4 directive from the NGINX configuration file. After modifying the configuration, a reload or restart of the NGINX service is required for the changes to take effect.\n\nAlternatively, restrict access to the NGINX server to trusted networks and users to prevent the upload and processing of malicious MP4 files.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.src::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.src::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.noarch::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.aarch64::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.ppc64le::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.s390x::nginx:1.24",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2.x86_64::nginx:1.24"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files"
}
]
}
RHSA-2026:7002
Vulnerability from csaf_redhat - Published: 2026-04-08 08:11 - Updated: 2026-04-10 01:26Summary
Red Hat Security Advisory: nginx security update
Severity
Important
Notes
Topic: An update for nginx is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage.
Security Fix(es):
* nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files (CVE-2026-32647)
* NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module (CVE-2026-27654)
* NGINX: NGINX: Denial of Service due to memory corruption via crafted MP4 file (CVE-2026-27784)
* NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled (CVE-2026-27651)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in NGINX, specifically within the ngx_mail_auth_http_module. When this module is enabled, and CRAM-MD5 or APOP authentication is active with an authentication server that permits retries, undisclosed requests can cause NGINX worker processes to terminate. This can lead to a Denial of Service (DoS), making the affected NGINX instance unavailable to legitimate users.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:7002
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in NGINX. A remote attacker can exploit a buffer overflow vulnerability within the ngx_http_dav_module module. This occurs when the NGINX configuration uses DAV module MOVE or COPY methods in conjunction with prefix location and alias directives. Successful exploitation may lead to the termination of the NGINX worker process, resulting in a Denial of Service (DoS), or allow for the modification of source or destination file names outside the intended document root.
8.2 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:7002
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in NGINX Open Source, specifically within the ngx_http_mp4_module. An attacker can exploit this memory corruption vulnerability by providing a specially crafted MP4 file. This can lead to an over-read or over-write of NGINX worker memory, causing the worker to terminate and resulting in a Denial of Service (DoS). This issue affects 32-bit NGINX Open Source when built with the ngx_http_mp4_module and the mp4 directive is used.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:7002
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in NGINX's ngx_http_mp4_module. This Out-of-Bounds Read/Write vulnerability occurs due to improper handling of specially crafted MP4 files. A local authenticated attacker, by supplying a malicious MP4 file, can trigger a buffer over-read or overwrite in worker memory. This can lead to process termination, potentially causing a denial-of-service or, under certain conditions, achieving code execution.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:7002
Workaround
To mitigate this issue, disable the ngx_http_mp4_module in your NGINX configuration if MP4 file processing is not required. This can be done by commenting out or removing the mp4 directive from the NGINX configuration file. After modifying the configuration, a reload or restart of the NGINX service is required for the changes to take effect.
Alternatively, restrict access to the NGINX server to trusted networks and users to prevent the upload and processing of malicious MP4 files.
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Acknowledgments
Aisle Research
Pavel Kohout
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for nginx is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. \n\nSecurity Fix(es):\n\n* nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files (CVE-2026-32647)\n\n* NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module (CVE-2026-27654)\n\n* NGINX: NGINX: Denial of Service due to memory corruption via crafted MP4 file (CVE-2026-27784)\n\n* NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled (CVE-2026-27651)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:7002",
"url": "https://access.redhat.com/errata/RHSA-2026:7002"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2449598",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449598"
},
{
"category": "external",
"summary": "2450776",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450776"
},
{
"category": "external",
"summary": "2450785",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450785"
},
{
"category": "external",
"summary": "2450791",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450791"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_7002.json"
}
],
"title": "Red Hat Security Advisory: nginx security update",
"tracking": {
"current_release_date": "2026-04-10T01:26:17+00:00",
"generator": {
"date": "2026-04-10T01:26:17+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHSA-2026:7002",
"initial_release_date": "2026-04-08T08:11:46+00:00",
"revision_history": [
{
"date": "2026-04-08T08:11:46+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-08T08:11:46+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-10T01:26:17+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::crb"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-2:1.20.1-24.el9_7.2.src",
"product": {
"name": "nginx-2:1.20.1-24.el9_7.2.src",
"product_id": "nginx-2:1.20.1-24.el9_7.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.20.1-24.el9_7.2?arch=src\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-2:1.20.1-24.el9_7.2.aarch64",
"product": {
"name": "nginx-2:1.20.1-24.el9_7.2.aarch64",
"product_id": "nginx-2:1.20.1-24.el9_7.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.20.1-24.el9_7.2?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"product": {
"name": "nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"product_id": "nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core@1.20.1-24.el9_7.2?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"product": {
"name": "nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"product_id": "nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter@1.20.1-24.el9_7.2?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"product": {
"name": "nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"product_id": "nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl@1.20.1-24.el9_7.2?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"product": {
"name": "nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"product_id": "nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter@1.20.1-24.el9_7.2?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"product": {
"name": "nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"product_id": "nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail@1.20.1-24.el9_7.2?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"product": {
"name": "nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"product_id": "nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream@1.20.1-24.el9_7.2?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"product": {
"name": "nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"product_id": "nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debugsource@1.20.1-24.el9_7.2?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"product": {
"name": "nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"product_id": "nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core-debuginfo@1.20.1-24.el9_7.2?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"product": {
"name": "nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"product_id": "nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debuginfo@1.20.1-24.el9_7.2?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"product": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"product_id": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter-debuginfo@1.20.1-24.el9_7.2?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"product": {
"name": "nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"product_id": "nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl-debuginfo@1.20.1-24.el9_7.2?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"product": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"product_id": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter-debuginfo@1.20.1-24.el9_7.2?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"product": {
"name": "nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"product_id": "nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail-debuginfo@1.20.1-24.el9_7.2?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"product": {
"name": "nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"product_id": "nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream-debuginfo@1.20.1-24.el9_7.2?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"product": {
"name": "nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"product_id": "nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-devel@1.20.1-24.el9_7.2?arch=aarch64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-2:1.20.1-24.el9_7.2.ppc64le",
"product": {
"name": "nginx-2:1.20.1-24.el9_7.2.ppc64le",
"product_id": "nginx-2:1.20.1-24.el9_7.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.20.1-24.el9_7.2?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"product": {
"name": "nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"product_id": "nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core@1.20.1-24.el9_7.2?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"product": {
"name": "nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"product_id": "nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter@1.20.1-24.el9_7.2?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"product": {
"name": "nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"product_id": "nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl@1.20.1-24.el9_7.2?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"product": {
"name": "nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"product_id": "nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter@1.20.1-24.el9_7.2?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"product": {
"name": "nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"product_id": "nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail@1.20.1-24.el9_7.2?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"product": {
"name": "nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"product_id": "nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream@1.20.1-24.el9_7.2?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"product": {
"name": "nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"product_id": "nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debugsource@1.20.1-24.el9_7.2?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"product": {
"name": "nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"product_id": "nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core-debuginfo@1.20.1-24.el9_7.2?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"product": {
"name": "nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"product_id": "nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debuginfo@1.20.1-24.el9_7.2?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"product": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"product_id": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter-debuginfo@1.20.1-24.el9_7.2?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"product": {
"name": "nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"product_id": "nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl-debuginfo@1.20.1-24.el9_7.2?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"product": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"product_id": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter-debuginfo@1.20.1-24.el9_7.2?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"product": {
"name": "nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"product_id": "nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail-debuginfo@1.20.1-24.el9_7.2?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"product": {
"name": "nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"product_id": "nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream-debuginfo@1.20.1-24.el9_7.2?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"product": {
"name": "nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"product_id": "nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-devel@1.20.1-24.el9_7.2?arch=ppc64le\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-2:1.20.1-24.el9_7.2.x86_64",
"product": {
"name": "nginx-2:1.20.1-24.el9_7.2.x86_64",
"product_id": "nginx-2:1.20.1-24.el9_7.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.20.1-24.el9_7.2?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-core-2:1.20.1-24.el9_7.2.x86_64",
"product": {
"name": "nginx-core-2:1.20.1-24.el9_7.2.x86_64",
"product_id": "nginx-core-2:1.20.1-24.el9_7.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core@1.20.1-24.el9_7.2?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"product": {
"name": "nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"product_id": "nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter@1.20.1-24.el9_7.2?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"product": {
"name": "nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"product_id": "nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl@1.20.1-24.el9_7.2?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"product": {
"name": "nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"product_id": "nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter@1.20.1-24.el9_7.2?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64",
"product": {
"name": "nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64",
"product_id": "nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail@1.20.1-24.el9_7.2?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"product": {
"name": "nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"product_id": "nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream@1.20.1-24.el9_7.2?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"product": {
"name": "nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"product_id": "nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debugsource@1.20.1-24.el9_7.2?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"product": {
"name": "nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"product_id": "nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core-debuginfo@1.20.1-24.el9_7.2?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"product": {
"name": "nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"product_id": "nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debuginfo@1.20.1-24.el9_7.2?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"product": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"product_id": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter-debuginfo@1.20.1-24.el9_7.2?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"product": {
"name": "nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"product_id": "nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl-debuginfo@1.20.1-24.el9_7.2?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"product": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"product_id": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter-debuginfo@1.20.1-24.el9_7.2?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"product": {
"name": "nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"product_id": "nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail-debuginfo@1.20.1-24.el9_7.2?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"product": {
"name": "nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"product_id": "nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream-debuginfo@1.20.1-24.el9_7.2?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"product": {
"name": "nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"product_id": "nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-devel@1.20.1-24.el9_7.2?arch=x86_64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-2:1.20.1-24.el9_7.2.s390x",
"product": {
"name": "nginx-2:1.20.1-24.el9_7.2.s390x",
"product_id": "nginx-2:1.20.1-24.el9_7.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx@1.20.1-24.el9_7.2?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-core-2:1.20.1-24.el9_7.2.s390x",
"product": {
"name": "nginx-core-2:1.20.1-24.el9_7.2.s390x",
"product_id": "nginx-core-2:1.20.1-24.el9_7.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core@1.20.1-24.el9_7.2?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"product": {
"name": "nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"product_id": "nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter@1.20.1-24.el9_7.2?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"product": {
"name": "nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"product_id": "nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl@1.20.1-24.el9_7.2?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"product": {
"name": "nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"product_id": "nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter@1.20.1-24.el9_7.2?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"product": {
"name": "nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"product_id": "nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail@1.20.1-24.el9_7.2?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"product": {
"name": "nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"product_id": "nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream@1.20.1-24.el9_7.2?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"product": {
"name": "nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"product_id": "nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debugsource@1.20.1-24.el9_7.2?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"product": {
"name": "nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"product_id": "nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-core-debuginfo@1.20.1-24.el9_7.2?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"product": {
"name": "nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"product_id": "nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-debuginfo@1.20.1-24.el9_7.2?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"product": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"product_id": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-image-filter-debuginfo@1.20.1-24.el9_7.2?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"product": {
"name": "nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"product_id": "nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-perl-debuginfo@1.20.1-24.el9_7.2?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"product": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"product_id": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter-debuginfo@1.20.1-24.el9_7.2?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"product": {
"name": "nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"product_id": "nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-mail-debuginfo@1.20.1-24.el9_7.2?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"product": {
"name": "nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"product_id": "nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-stream-debuginfo@1.20.1-24.el9_7.2?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"product": {
"name": "nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"product_id": "nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-mod-devel@1.20.1-24.el9_7.2?arch=s390x\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"product": {
"name": "nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"product_id": "nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-all-modules@1.20.1-24.el9_7.2?arch=noarch\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"product": {
"name": "nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"product_id": "nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nginx-filesystem@1.20.1-24.el9_7.2?arch=noarch\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-2:1.20.1-24.el9_7.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.aarch64"
},
"product_reference": "nginx-2:1.20.1-24.el9_7.2.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-2:1.20.1-24.el9_7.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.ppc64le"
},
"product_reference": "nginx-2:1.20.1-24.el9_7.2.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-2:1.20.1-24.el9_7.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.s390x"
},
"product_reference": "nginx-2:1.20.1-24.el9_7.2.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-2:1.20.1-24.el9_7.2.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.src"
},
"product_reference": "nginx-2:1.20.1-24.el9_7.2.src",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-2:1.20.1-24.el9_7.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.x86_64"
},
"product_reference": "nginx-2:1.20.1-24.el9_7.2.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-all-modules-2:1.20.1-24.el9_7.2.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-all-modules-2:1.20.1-24.el9_7.2.noarch"
},
"product_reference": "nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-2:1.20.1-24.el9_7.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.aarch64"
},
"product_reference": "nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-2:1.20.1-24.el9_7.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.ppc64le"
},
"product_reference": "nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-2:1.20.1-24.el9_7.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.s390x"
},
"product_reference": "nginx-core-2:1.20.1-24.el9_7.2.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-2:1.20.1-24.el9_7.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.x86_64"
},
"product_reference": "nginx-core-2:1.20.1-24.el9_7.2.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64"
},
"product_reference": "nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le"
},
"product_reference": "nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x"
},
"product_reference": "nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64"
},
"product_reference": "nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64"
},
"product_reference": "nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le"
},
"product_reference": "nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x"
},
"product_reference": "nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64"
},
"product_reference": "nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64"
},
"product_reference": "nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le"
},
"product_reference": "nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-2:1.20.1-24.el9_7.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.s390x"
},
"product_reference": "nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64"
},
"product_reference": "nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-filesystem-2:1.20.1-24.el9_7.2.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-filesystem-2:1.20.1-24.el9_7.2.noarch"
},
"product_reference": "nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64"
},
"product_reference": "nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le"
},
"product_reference": "nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x"
},
"product_reference": "nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64"
},
"product_reference": "nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64"
},
"product_reference": "nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le"
},
"product_reference": "nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x"
},
"product_reference": "nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64"
},
"product_reference": "nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64"
},
"product_reference": "nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le"
},
"product_reference": "nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x"
},
"product_reference": "nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64"
},
"product_reference": "nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64"
},
"product_reference": "nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le"
},
"product_reference": "nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x"
},
"product_reference": "nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64"
},
"product_reference": "nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64"
},
"product_reference": "nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le"
},
"product_reference": "nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x"
},
"product_reference": "nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64"
},
"product_reference": "nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64"
},
"product_reference": "nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le"
},
"product_reference": "nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x"
},
"product_reference": "nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64"
},
"product_reference": "nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64"
},
"product_reference": "nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le"
},
"product_reference": "nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x"
},
"product_reference": "nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64"
},
"product_reference": "nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64"
},
"product_reference": "nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le"
},
"product_reference": "nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x"
},
"product_reference": "nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64"
},
"product_reference": "nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64"
},
"product_reference": "nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le"
},
"product_reference": "nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x"
},
"product_reference": "nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64"
},
"product_reference": "nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-2:1.20.1-24.el9_7.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.aarch64"
},
"product_reference": "nginx-2:1.20.1-24.el9_7.2.aarch64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-2:1.20.1-24.el9_7.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.ppc64le"
},
"product_reference": "nginx-2:1.20.1-24.el9_7.2.ppc64le",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-2:1.20.1-24.el9_7.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.s390x"
},
"product_reference": "nginx-2:1.20.1-24.el9_7.2.s390x",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-2:1.20.1-24.el9_7.2.src as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.src"
},
"product_reference": "nginx-2:1.20.1-24.el9_7.2.src",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-2:1.20.1-24.el9_7.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.x86_64"
},
"product_reference": "nginx-2:1.20.1-24.el9_7.2.x86_64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-all-modules-2:1.20.1-24.el9_7.2.noarch as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-all-modules-2:1.20.1-24.el9_7.2.noarch"
},
"product_reference": "nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-2:1.20.1-24.el9_7.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.aarch64"
},
"product_reference": "nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-2:1.20.1-24.el9_7.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.ppc64le"
},
"product_reference": "nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-2:1.20.1-24.el9_7.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.s390x"
},
"product_reference": "nginx-core-2:1.20.1-24.el9_7.2.s390x",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-2:1.20.1-24.el9_7.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.x86_64"
},
"product_reference": "nginx-core-2:1.20.1-24.el9_7.2.x86_64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64"
},
"product_reference": "nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le"
},
"product_reference": "nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x"
},
"product_reference": "nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64"
},
"product_reference": "nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64"
},
"product_reference": "nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le"
},
"product_reference": "nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x"
},
"product_reference": "nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64"
},
"product_reference": "nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64"
},
"product_reference": "nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le"
},
"product_reference": "nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-2:1.20.1-24.el9_7.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.s390x"
},
"product_reference": "nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64"
},
"product_reference": "nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-filesystem-2:1.20.1-24.el9_7.2.noarch as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-filesystem-2:1.20.1-24.el9_7.2.noarch"
},
"product_reference": "nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64"
},
"product_reference": "nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le"
},
"product_reference": "nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x"
},
"product_reference": "nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64"
},
"product_reference": "nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64"
},
"product_reference": "nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le"
},
"product_reference": "nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x"
},
"product_reference": "nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64"
},
"product_reference": "nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64"
},
"product_reference": "nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64"
},
"product_reference": "nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le"
},
"product_reference": "nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x"
},
"product_reference": "nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64"
},
"product_reference": "nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64"
},
"product_reference": "nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le"
},
"product_reference": "nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x"
},
"product_reference": "nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64"
},
"product_reference": "nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64"
},
"product_reference": "nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le"
},
"product_reference": "nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x"
},
"product_reference": "nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64"
},
"product_reference": "nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64"
},
"product_reference": "nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64"
},
"product_reference": "nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le"
},
"product_reference": "nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x"
},
"product_reference": "nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64"
},
"product_reference": "nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64"
},
"product_reference": "nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le"
},
"product_reference": "nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x"
},
"product_reference": "nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64"
},
"product_reference": "nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64"
},
"product_reference": "nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le"
},
"product_reference": "nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x"
},
"product_reference": "nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64"
},
"product_reference": "nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64"
},
"product_reference": "nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le"
},
"product_reference": "nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x"
},
"product_reference": "nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64"
},
"product_reference": "nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-27651",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-03-24T15:02:32.414082+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2450791"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in NGINX, specifically within the ngx_mail_auth_http_module. When this module is enabled, and CRAM-MD5 or APOP authentication is active with an authentication server that permits retries, undisclosed requests can cause NGINX worker processes to terminate. This can lead to a Denial of Service (DoS), making the affected NGINX instance unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.src",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.src",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64"
],
"known_not_affected": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27651"
},
{
"category": "external",
"summary": "RHBZ#2450791",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450791"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27651",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27651"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27651",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27651"
},
{
"category": "external",
"summary": "https://my.f5.com/manage/s/article/K000160383",
"url": "https://my.f5.com/manage/s/article/K000160383"
}
],
"release_date": "2026-03-24T14:13:27.295000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T08:11:46+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.src",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.src",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7002"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.src",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.src",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.src",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.src",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled"
},
{
"cve": "CVE-2026-27654",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2026-03-24T15:01:19.814138+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2450776"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in NGINX. A remote attacker can exploit a buffer overflow vulnerability within the ngx_http_dav_module module. This occurs when the NGINX configuration uses DAV module MOVE or COPY methods in conjunction with prefix location and alias directives. Successful exploitation may lead to the termination of the NGINX worker process, resulting in a Denial of Service (DoS), or allow for the modification of source or destination file names outside the intended document root.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.src",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.src",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.x86_64"
],
"known_not_affected": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27654"
},
{
"category": "external",
"summary": "RHBZ#2450776",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450776"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27654",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27654"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27654",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27654"
},
{
"category": "external",
"summary": "https://my.f5.com/manage/s/article/K000160382",
"url": "https://my.f5.com/manage/s/article/K000160382"
}
],
"release_date": "2026-03-24T14:13:26.879000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T08:11:46+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.src",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.src",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7002"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.src",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.src",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.src",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.src",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module"
},
{
"cve": "CVE-2026-27784",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2026-03-24T15:02:07.092253+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2450785"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in NGINX Open Source, specifically within the ngx_http_mp4_module. An attacker can exploit this memory corruption vulnerability by providing a specially crafted MP4 file. This can lead to an over-read or over-write of NGINX worker memory, causing the worker to terminate and resulting in a Denial of Service (DoS). This issue affects 32-bit NGINX Open Source when built with the ngx_http_mp4_module and the mp4 directive is used.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "NGINX: NGINX: Denial of Service due to memory corruption via crafted MP4 file",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.src",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.src",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.x86_64"
],
"known_not_affected": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27784"
},
{
"category": "external",
"summary": "RHBZ#2450785",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450785"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27784",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27784"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27784",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27784"
},
{
"category": "external",
"summary": "https://my.f5.com/manage/s/article/K000160364",
"url": "https://my.f5.com/manage/s/article/K000160364"
}
],
"release_date": "2026-03-24T14:13:25.343000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T08:11:46+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.src",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.src",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7002"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.src",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.src",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.src",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.src",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "NGINX: NGINX: Denial of Service due to memory corruption via crafted MP4 file"
},
{
"acknowledgments": [
{
"names": [
"Pavel Kohout"
],
"organization": "Aisle Research"
}
],
"cve": "CVE-2026-32647",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2026-03-20T11:44:34.715000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449598"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in NGINX\u0027s ngx_http_mp4_module. This Out-of-Bounds Read/Write vulnerability occurs due to improper handling of specially crafted MP4 files. A local authenticated attacker, by supplying a malicious MP4 file, can trigger a buffer over-read or overwrite in worker memory. This can lead to process termination, potentially causing a denial-of-service or, under certain conditions, achieving code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This IMPORTANT vulnerability in the NGINX ngx_http_mp4_module is due to improper handling of specially crafted MP4 files. A local authenticated attacker could exploit this flaw by providing a malicious MP4 file, leading to a denial of service or potentially arbitrary code execution. Red Hat products utilizing NGINX with the ngx_http_mp4_module enabled are affected if untrusted MP4 files are processed.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.src",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.src",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.x86_64"
],
"known_not_affected": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32647"
},
{
"category": "external",
"summary": "RHBZ#2449598",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449598"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32647",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32647"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32647",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32647"
},
{
"category": "external",
"summary": "https://my.f5.com/manage/s/article/K000160366",
"url": "https://my.f5.com/manage/s/article/K000160366"
}
],
"release_date": "2026-03-24T18:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T08:11:46+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.src",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.src",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7002"
},
{
"category": "workaround",
"details": "To mitigate this issue, disable the ngx_http_mp4_module in your NGINX configuration if MP4 file processing is not required. This can be done by commenting out or removing the mp4 directive from the NGINX configuration file. After modifying the configuration, a reload or restart of the NGINX service is required for the changes to take effect.\n\nAlternatively, restrict access to the NGINX server to trusted networks and users to prevent the upload and processing of malicious MP4 files.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.src",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.src",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.src",
"AppStream-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"AppStream-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.src",
"CRB-9.7.0.Z.MAIN:nginx-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-all-modules-2:1.20.1-24.el9_7.2.noarch",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-core-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-core-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-debugsource-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-filesystem-2:1.20.1-24.el9_7.2.noarch",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-devel-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-image-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-perl-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-http-xslt-filter-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-mail-debuginfo-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-2:1.20.1-24.el9_7.2.x86_64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.aarch64",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.ppc64le",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.s390x",
"CRB-9.7.0.Z.MAIN:nginx-mod-stream-debuginfo-2:1.20.1-24.el9_7.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files"
}
]
}
CERTFR-2026-AVI-0376
Vulnerability from certfr_avis - Published: 2026-03-30 - Updated: 2026-03-30
De multiples vulnérabilités ont été découvertes dans les produits Microsoft. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Microsoft | CBL Mariner | cbl2 telegraf 1.29.4-21 versions antérieures à 1.29.4-22 | ||
| Microsoft | Azure Linux | azl3 glibc 2.38-18 versions antérieures à 2.38-19 | ||
| Microsoft | Azure Linux | azl3 squid 6.13-3 versions antérieures à 6.13-4 | ||
| Microsoft | Azure Linux | azl3 python-pyasn1 0.4.8-1 versions antérieures à 0.4.8-2 | ||
| Microsoft | Azure Linux | azl3 nginx 1.28.2-1 versions antérieures à 1.28.3-1 | ||
| Microsoft | CBL Mariner | cbl2 ncurses 6.4-3 versions antérieures à 6.4-4 | ||
| Microsoft | Azure Linux | azl3 kernel 6.6.126.1-1 versions antérieures à 6.6.130.1-1 | ||
| Microsoft | Azure Linux | azl3 ncurses 6.4-2 versions antérieures à 6.4-3 | ||
| Microsoft | CBL Mariner | cbl2 terraform 1.3.2-29 versions antérieures à 1.3.2-30 | ||
| Microsoft | Azure Linux | azl3 libsoup 3.4.4-12 versions antérieures à 3.4.4-14 | ||
| Microsoft | Azure Linux | azl3 etcd 3.5.21-1 versions antérieures à 3.5.28-1 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "cbl2 telegraf 1.29.4-21 versions ant\u00e9rieures \u00e0 1.29.4-22",
"product": {
"name": "CBL Mariner",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 glibc 2.38-18 versions ant\u00e9rieures \u00e0 2.38-19",
"product": {
"name": "Azure Linux",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 squid 6.13-3 versions ant\u00e9rieures \u00e0 6.13-4",
"product": {
"name": "Azure Linux",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 python-pyasn1 0.4.8-1 versions ant\u00e9rieures \u00e0 0.4.8-2",
"product": {
"name": "Azure Linux",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 nginx 1.28.2-1 versions ant\u00e9rieures \u00e0 1.28.3-1",
"product": {
"name": "Azure Linux",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "cbl2 ncurses 6.4-3 versions ant\u00e9rieures \u00e0 6.4-4",
"product": {
"name": "CBL Mariner",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 kernel 6.6.126.1-1 versions ant\u00e9rieures \u00e0 6.6.130.1-1",
"product": {
"name": "Azure Linux",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 ncurses 6.4-2 versions ant\u00e9rieures \u00e0 6.4-3",
"product": {
"name": "Azure Linux",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "cbl2 terraform 1.3.2-29 versions ant\u00e9rieures \u00e0 1.3.2-30",
"product": {
"name": "CBL Mariner",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 libsoup 3.4.4-12 versions ant\u00e9rieures \u00e0 3.4.4-14",
"product": {
"name": "Azure Linux",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 etcd 3.5.21-1 versions ant\u00e9rieures \u00e0 3.5.28-1",
"product": {
"name": "Azure Linux",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-23318",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23318"
},
{
"name": "CVE-2026-23368",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23368"
},
{
"name": "CVE-2026-23281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23281"
},
{
"name": "CVE-2026-32647",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32647"
},
{
"name": "CVE-2026-23269",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23269"
},
{
"name": "CVE-2026-23293",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23293"
},
{
"name": "CVE-2026-23290",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23290"
},
{
"name": "CVE-2026-27651",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27651"
},
{
"name": "CVE-2026-23303",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23303"
},
{
"name": "CVE-2026-27654",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27654"
},
{
"name": "CVE-2026-23340",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23340"
},
{
"name": "CVE-2026-23253",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23253"
},
{
"name": "CVE-2026-33343",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33343"
},
{
"name": "CVE-2026-23271",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23271"
},
{
"name": "CVE-2026-23268",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23268"
},
{
"name": "CVE-2026-23285",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23285"
},
{
"name": "CVE-2026-23304",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23304"
},
{
"name": "CVE-2026-23357",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23357"
},
{
"name": "CVE-2026-4645",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4645"
},
{
"name": "CVE-2026-23324",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23324"
},
{
"name": "CVE-2026-23347",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23347"
},
{
"name": "CVE-2026-28755",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28755"
},
{
"name": "CVE-2026-23317",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23317"
},
{
"name": "CVE-2026-23334",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23334"
},
{
"name": "CVE-2026-23391",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23391"
},
{
"name": "CVE-2026-23319",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23319"
},
{
"name": "CVE-2026-23279",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23279"
},
{
"name": "CVE-2026-23244",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23244"
},
{
"name": "CVE-2026-23246",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23246"
},
{
"name": "CVE-2026-30922",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-30922"
},
{
"name": "CVE-2026-23286",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23286"
},
{
"name": "CVE-2026-23359",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23359"
},
{
"name": "CVE-2026-23298",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23298"
},
{
"name": "CVE-2026-23296",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23296"
},
{
"name": "CVE-2026-23396",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23396"
},
{
"name": "CVE-2026-23370",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23370"
},
{
"name": "CVE-2026-23315",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23315"
},
{
"name": "CVE-2026-23352",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23352"
},
{
"name": "CVE-2026-23367",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23367"
},
{
"name": "CVE-2026-32748",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32748"
},
{
"name": "CVE-2026-23300",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23300"
},
{
"name": "CVE-2026-23379",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23379"
},
{
"name": "CVE-2026-23381",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23381"
},
{
"name": "CVE-2026-23392",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23392"
},
{
"name": "CVE-2026-23245",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23245"
},
{
"name": "CVE-2026-4438",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4438"
},
{
"name": "CVE-2026-23364",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23364"
},
{
"name": "CVE-2026-23274",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23274"
},
{
"name": "CVE-2026-23284",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23284"
},
{
"name": "CVE-2026-23397",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23397"
},
{
"name": "CVE-2026-23343",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23343"
},
{
"name": "CVE-2026-23336",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23336"
},
{
"name": "CVE-2025-69720",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69720"
},
{
"name": "CVE-2026-23289",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23289"
},
{
"name": "CVE-2026-23292",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23292"
},
{
"name": "CVE-2026-23277",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23277"
},
{
"name": "CVE-2026-4437",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4437"
},
{
"name": "CVE-2026-27784",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27784"
},
{
"name": "CVE-2026-23388",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23388"
},
{
"name": "CVE-2026-28753",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28753"
},
{
"name": "CVE-2026-33526",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33526"
},
{
"name": "CVE-2026-23310",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23310"
},
{
"name": "CVE-2026-2369",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2369"
},
{
"name": "CVE-2026-33515",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33515"
},
{
"name": "CVE-2026-23395",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23395"
},
{
"name": "CVE-2026-23100",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23100"
},
{
"name": "CVE-2026-23306",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23306"
},
{
"name": "CVE-2026-33413",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33413"
},
{
"name": "CVE-2026-23291",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23291"
},
{
"name": "CVE-2026-23382",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23382"
},
{
"name": "CVE-2026-23312",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23312"
},
{
"name": "CVE-2026-23365",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23365"
},
{
"name": "CVE-2026-23356",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23356"
},
{
"name": "CVE-2026-23307",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23307"
},
{
"name": "CVE-2026-23398",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23398"
},
{
"name": "CVE-2026-23351",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23351"
},
{
"name": "CVE-2026-23390",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23390"
}
],
"initial_release_date": "2026-03-30T00:00:00",
"last_revision_date": "2026-03-30T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0376",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-03-30T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Microsoft. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft",
"vendor_advisories": [
{
"published_at": "2026-03-27",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-32748",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32748"
},
{
"published_at": "2026-03-22",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-4438",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-4438"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23347",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23347"
},
{
"published_at": "2026-03-20",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23268",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23268"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23392",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23392"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23319",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23319"
},
{
"published_at": "2026-03-20",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23253",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23253"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23296",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23296"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23364",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23364"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23368",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23368"
},
{
"published_at": "2026-03-27",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-27654",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27654"
},
{
"published_at": "2026-03-21",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-30922",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-30922"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23286",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23286"
},
{
"published_at": "2026-03-27",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23396",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23396"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23340",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23340"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23324",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23324"
},
{
"published_at": "2026-03-27",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-33515",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33515"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23318",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23318"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23379",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23379"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23317",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23317"
},
{
"published_at": "2026-03-27",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-27784",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27784"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23359",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23359"
},
{
"published_at": "2026-03-19",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23245",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23245"
},
{
"published_at": "2026-03-20",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23269",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23269"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23298",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23298"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23304",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23304"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23370",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23370"
},
{
"published_at": "2026-03-22",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23100",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23100"
},
{
"published_at": "2026-03-21",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23271",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23271"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23352",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23352"
},
{
"published_at": "2026-03-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-33343",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33343"
},
{
"published_at": "2026-03-22",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-4437",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-4437"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23343",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23343"
},
{
"published_at": "2026-03-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-33413",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33413"
},
{
"published_at": "2026-03-19",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23246",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23246"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23279",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23279"
},
{
"published_at": "2026-03-19",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23244",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23244"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23367",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23367"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23307",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23307"
},
{
"published_at": "2026-03-27",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23398",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23398"
},
{
"published_at": "2026-03-25",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-69720",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-69720"
},
{
"published_at": "2026-03-27",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-28755",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-28755"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23300",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23300"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23381",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23381"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23356",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23356"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23351",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23351"
},
{
"published_at": "2026-03-21",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23277",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23277"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23315",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23315"
},
{
"published_at": "2026-03-27",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-4645",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-4645"
},
{
"published_at": "2026-03-27",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-33526",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33526"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23382",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23382"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23310",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23310"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23306",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23306"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23336",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23336"
},
{
"published_at": "2026-03-25",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-2369",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-2369"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23391",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23391"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23290",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23290"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23312",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23312"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23388",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23388"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23390",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23390"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23303",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23303"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23289",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23289"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23293",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23293"
},
{
"published_at": "2026-03-27",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-27651",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27651"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23291",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23291"
},
{
"published_at": "2026-03-27",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-28753",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-28753"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23334",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23334"
},
{
"published_at": "2026-03-27",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-32647",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32647"
},
{
"published_at": "2026-03-27",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23397",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23397"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23281",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23281"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23365",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23365"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23285",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23285"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23292",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23292"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23284",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23284"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23395",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23395"
},
{
"published_at": "2026-03-21",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23274",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23274"
},
{
"published_at": "2026-03-26",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23357",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23357"
}
]
}
CERTFR-2026-AVI-0352
Vulnerability from certfr_avis - Published: 2026-03-25 - Updated: 2026-03-25
De multiples vulnérabilités ont été découvertes dans les produits F5. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| F5 | NGINX Plus | NGINX Plus versions R32 Px antérieures à R32 P5 | ||
| F5 | NGINX Plus | NGINX Plus versions R35 Px antérieures à R35 P2 | ||
| F5 | NGINX Plus | NGINX Plus versions R36 Px antérieures à R36 P3 | ||
| F5 | NGINX Open Source | Nginx Open Source versions 1.29.x antérieures à 1.29.7 | ||
| F5 | NGINX Open Source | Nginx Open Source versions 1.28.x antérieures à 1.28.3 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "NGINX Plus versions R32 Px ant\u00e9rieures \u00e0 R32 P5",
"product": {
"name": "NGINX Plus",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "NGINX Plus versions R35 Px ant\u00e9rieures \u00e0 R35 P2",
"product": {
"name": "NGINX Plus",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "NGINX Plus versions R36 Px ant\u00e9rieures \u00e0 R36 P3",
"product": {
"name": "NGINX Plus",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "Nginx Open Source versions 1.29.x ant\u00e9rieures \u00e0 1.29.7",
"product": {
"name": "NGINX Open Source",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "Nginx Open Source versions 1.28.x ant\u00e9rieures \u00e0 1.28.3",
"product": {
"name": "NGINX Open Source",
"vendor": {
"name": "F5",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-32647",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32647"
},
{
"name": "CVE-2026-27651",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27651"
},
{
"name": "CVE-2026-27654",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27654"
},
{
"name": "CVE-2026-28755",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28755"
},
{
"name": "CVE-2026-27784",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27784"
},
{
"name": "CVE-2026-28753",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28753"
}
],
"initial_release_date": "2026-03-25T00:00:00",
"last_revision_date": "2026-03-25T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0352",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-03-25T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits F5. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits F5",
"vendor_advisories": [
{
"published_at": "2026-03-25",
"title": "Bulletin de s\u00e9curit\u00e9 Nginx K000160383",
"url": "https://my.f5.com/manage/s/article/K000160383"
},
{
"published_at": "2026-03-25",
"title": "Bulletin de s\u00e9curit\u00e9 Nginx K000160368",
"url": "https://my.f5.com/manage/s/article/K000160368"
},
{
"published_at": "2026-03-25",
"title": "Bulletin de s\u00e9curit\u00e9 Nginx K000160367",
"url": "https://my.f5.com/manage/s/article/K000160367"
},
{
"published_at": "2026-03-24",
"title": "Bulletin de s\u00e9curit\u00e9 F5 K000160336",
"url": "https://my.f5.com/manage/s/article/K000160336"
},
{
"published_at": "2026-03-25",
"title": "Bulletin de s\u00e9curit\u00e9 Nginx K000160382",
"url": "https://my.f5.com/manage/s/article/K000160382"
},
{
"published_at": "2026-03-25",
"title": "Bulletin de s\u00e9curit\u00e9 Nginx K000160364",
"url": "https://my.f5.com/manage/s/article/K000160364"
},
{
"published_at": "2026-03-25",
"title": "Bulletin de s\u00e9curit\u00e9 Nginx K000160366",
"url": "https://my.f5.com/manage/s/article/K000160366"
}
]
}
bit-nginx-2026-27654
Vulnerability from bitnami_vulndb
Published
2026-03-27 07:10
Modified
2026-03-27 07:40
Summary
NGINX ngx_http_dav_module vulnerability
Details
NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_dav_module module that might allow an attacker to trigger a buffer overflow to the NGINX worker process; this vulnerability may result in termination of the NGINX worker process or modification of source or destination file names outside the document root. This issue affects NGINX Open Source and NGINX Plus when the configuration file uses DAV module MOVE or COPY methods, prefix location (nonregular expression location configuration), and alias directives. The integrity impact is constrained because the NGINX worker process user has low privileges and does not have access to the entire system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
{
"affected": [
{
"package": {
"ecosystem": "Bitnami",
"name": "nginx",
"purl": "pkg:bitnami/nginx"
},
"ranges": [
{
"events": [
{
"introduced": "0.5.13"
},
{
"fixed": "1.28.3"
},
{
"introduced": "1.29.0"
},
{
"fixed": "1.29.7"
}
],
"type": "SEMVER"
}
],
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
],
"aliases": [
"CVE-2026-27654"
],
"database_specific": {
"cpes": [
"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*"
],
"severity": "High"
},
"details": "NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_dav_module module that might allow an attacker to trigger a buffer overflow to the NGINX worker process; this vulnerability may result in termination of the NGINX worker process or modification of source or destination file names outside the document root. This issue affects NGINX Open Source and NGINX Plus when the configuration file uses DAV module MOVE or COPY methods, prefix location (nonregular expression location configuration), and alias directives. The integrity impact is constrained because the NGINX worker process user has low privileges and does not have access to the entire system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.",
"id": "BIT-nginx-2026-27654",
"modified": "2026-03-27T07:40:55.991Z",
"published": "2026-03-27T07:10:05.293Z",
"references": [
{
"type": "WEB",
"url": "https://my.f5.com/manage/s/article/K000160382"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27654"
}
],
"schema_version": "1.6.2",
"summary": "NGINX ngx_http_dav_module vulnerability"
}
MSRC_CVE-2026-27654
Vulnerability from csaf_microsoft - Published: 2026-03-02 00:00 - Updated: 2026-03-28 14:38Summary
NGINX ngx_http_dav_module vulnerability
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
8.2 (High)
Vendor Fix
1.28.3-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade
https://learn.microsoft.com/en-us/azure/azure-lin…
Vendor Fix
1.22.1-16:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade
https://learn.microsoft.com/en-us/azure/azure-lin…
References
| URL | Category | |
|---|---|---|
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2026-27654 NGINX ngx_http_dav_module vulnerability - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-27654.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "NGINX ngx_http_dav_module vulnerability",
"tracking": {
"current_release_date": "2026-03-28T14:38:27.000Z",
"generator": {
"date": "2026-03-29T07:23:46.507Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2026-27654",
"initial_release_date": "2026-03-02T00:00:00.000Z",
"revision_history": [
{
"date": "2026-03-27T01:02:01.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2026-03-27T14:44:58.000Z",
"legacy_version": "2",
"number": "2",
"summary": "Information published."
},
{
"date": "2026-03-28T14:38:27.000Z",
"legacy_version": "3",
"number": "3",
"summary": "Information published."
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
},
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 nginx 1.28.2-1",
"product": {
"name": "\u003cazl3 nginx 1.28.2-1",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "azl3 nginx 1.28.2-1",
"product": {
"name": "azl3 nginx 1.28.2-1",
"product_id": "21076"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 nginx 1.22.1-15",
"product": {
"name": "\u003ccbl2 nginx 1.22.1-15",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "cbl2 nginx 1.22.1-15",
"product": {
"name": "cbl2 nginx 1.22.1-15",
"product_id": "21077"
}
}
],
"category": "product_name",
"name": "nginx"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 nginx 1.28.2-1 as a component of Azure Linux 3.0",
"product_id": "17084-2"
},
"product_reference": "2",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 nginx 1.28.2-1 as a component of Azure Linux 3.0",
"product_id": "21076-17084"
},
"product_reference": "21076",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 nginx 1.22.1-15 as a component of CBL Mariner 2.0",
"product_id": "17086-1"
},
"product_reference": "1",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 nginx 1.22.1-15 as a component of CBL Mariner 2.0",
"product_id": "21077-17086"
},
"product_reference": "21077",
"relates_to_product_reference": "17086"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-27654",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "general",
"text": "f5",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"21076-17084",
"21077-17086"
],
"known_affected": [
"17084-2",
"17086-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-27654 NGINX ngx_http_dav_module vulnerability - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-27654.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-27T01:02:01.000Z",
"details": "1.28.3-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-2"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2026-03-27T01:02:01.000Z",
"details": "1.22.1-16:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalsScore": 0.0,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 8.2,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"17084-2",
"17086-1"
]
}
],
"title": "NGINX ngx_http_dav_module vulnerability"
}
]
}
WID-SEC-W-2026-0860
Vulnerability from csaf_certbund - Published: 2026-03-24 23:00 - Updated: 2026-04-09 22:00Summary
NGINX und NGINX Plus: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: NGINX Plus ist die kommerzielle Variante von NGINX, einer Webserver-, Reverse Proxy- und E-Mail Proxy Software.
NGINX ist eine Webserver-, Reverse Proxy- und E-Mail-Proxy Software.
Angriff: Ein Angreifer kann mehrere Schwachstellen in NGINX Plus und NGINX ausnutzen, um einen Denial of Service Angriff durchzuführen, um Daten zu manipulieren, um Sicherheitsvorkehrungen zu umgehen, und potenziell um beliebigen Programmcode auszuführen.
Betroffene Betriebssysteme: - Linux
- UNIX
- Windows
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "NGINX Plus ist die kommerzielle Variante von NGINX, einer Webserver-, Reverse Proxy- und E-Mail Proxy Software.\r\nNGINX ist eine Webserver-, Reverse Proxy- und E-Mail-Proxy Software.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in NGINX Plus und NGINX ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren, um Daten zu manipulieren, um Sicherheitsvorkehrungen zu umgehen, und potenziell um beliebigen Programmcode auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0860 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0860.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0860 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0860"
},
{
"category": "external",
"summary": "EU Vulnerability Database vom 2026-03-24",
"url": "https://euvd.enisa.europa.eu/enisa/EUVD-2026-14880"
},
{
"category": "external",
"summary": "EU Vulnerability Database vom 2026-03-24",
"url": "https://euvd.enisa.europa.eu/enisa/EUVD-2026-14881"
},
{
"category": "external",
"summary": "EU Vulnerability Database vom 2026-03-24",
"url": "https://euvd.enisa.europa.eu/enisa/EUVD-2026-14883"
},
{
"category": "external",
"summary": "EU Vulnerability Database vom 2026-03-24",
"url": "https://euvd.enisa.europa.eu/enisa/EUVD-2026-14885"
},
{
"category": "external",
"summary": "EU Vulnerability Database vom 2026-03-24",
"url": "https://euvd.enisa.europa.eu/enisa/EUVD-2026-14887"
},
{
"category": "external",
"summary": "EU Vulnerability Database vom 2026-03-24",
"url": "https://euvd.enisa.europa.eu/enisa/EUVD-2026-14897"
},
{
"category": "external",
"summary": "F5 Security Advisory vom 2026-03-24",
"url": "https://my.f5.com/manage/s/article/K000160383"
},
{
"category": "external",
"summary": "F5 Security Advisory vom 2026-03-24",
"url": "https://my.f5.com/manage/s/article/K000160382"
},
{
"category": "external",
"summary": "F5 Security Advisory vom 2026-03-24",
"url": "https://my.f5.com/manage/s/article/K000160364"
},
{
"category": "external",
"summary": "F5 Security Advisory vom 2026-03-24",
"url": "https://my.f5.com/manage/s/article/K000160367"
},
{
"category": "external",
"summary": "F5 Security Advisory vom 2026-03-24",
"url": "https://my.f5.com/manage/s/article/K000160368"
},
{
"category": "external",
"summary": "F5 Security Advisory vom 2026-03-24",
"url": "https://my.f5.com/manage/s/article/K000160366"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2026-4DE4D247A0 vom 2026-03-25",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2026-4de4d247a0"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10423-1 vom 2026-03-28",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XQVD3WMISNZQSD5MXTECPJHIO3LBJKQ7/"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-6906 vom 2026-04-08",
"url": "https://linux.oracle.com/errata/ELSA-2026-6906.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:6907 vom 2026-04-08",
"url": "https://access.redhat.com/errata/RHSA-2026:6907"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:6906 vom 2026-04-08",
"url": "https://access.redhat.com/errata/RHSA-2026:6906"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:6923 vom 2026-04-08",
"url": "https://errata.build.resf.org/RLSA-2026:6923"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:6923 vom 2026-04-08",
"url": "https://access.redhat.com/errata/RHSA-2026:6923"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:7002 vom 2026-04-08",
"url": "https://access.redhat.com/errata/RHSA-2026:7002"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-6923 vom 2026-04-08",
"url": "https://linux.oracle.com/errata/ELSA-2026-6923.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:6907 vom 2026-04-09",
"url": "https://errata.build.resf.org/RLSA-2026:6907"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:7343 vom 2026-04-09",
"url": "https://access.redhat.com/errata/RHSA-2026:7343"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-7002 vom 2026-04-09",
"url": "https://linux.oracle.com/errata/ELSA-2026-7002.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-6907 vom 2026-04-09",
"url": "https://linux.oracle.com/errata/ELSA-2026-6907.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:6906 vom 2026-04-09",
"url": "https://errata.build.resf.org/RLSA-2026:6906"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:7343 vom 2026-04-10",
"url": "https://errata.build.resf.org/RLSA-2026:7343"
}
],
"source_lang": "en-US",
"title": "NGINX und NGINX Plus: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-04-09T22:00:00.000+00:00",
"generator": {
"date": "2026-04-10T07:10:07.356+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-0860",
"initial_release_date": "2026-03-24T23:00:00.000+00:00",
"revision_history": [
{
"date": "2026-03-24T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-03-25T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2026-03-29T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2026-04-07T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Oracle Linux, Red Hat und Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2026-04-08T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Oracle Linux und Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2026-04-09T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat, Oracle Linux und Rocky Enterprise Software Foundation aufgenommen"
}
],
"status": "final",
"version": "6"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.29.7",
"product": {
"name": "NGINX NGINX \u003c1.29.7",
"product_id": "T052140"
}
},
{
"category": "product_version",
"name": "1.29.7",
"product": {
"name": "NGINX NGINX 1.29.7",
"product_id": "T052140-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nginx:nginx:1.29.7"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.28.3",
"product": {
"name": "NGINX NGINX \u003c1.28.3",
"product_id": "T052141"
}
},
{
"category": "product_version",
"name": "1.28.3",
"product": {
"name": "NGINX NGINX 1.28.3",
"product_id": "T052141-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nginx:nginx:1.28.3"
}
}
}
],
"category": "product_name",
"name": "NGINX"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cR36 P3",
"product": {
"name": "NGINX NGINX Plus \u003cR36 P3",
"product_id": "T052137"
}
},
{
"category": "product_version",
"name": "R36 P3",
"product": {
"name": "NGINX NGINX Plus R36 P3",
"product_id": "T052137-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nginx:nginx_plus:r36_p3"
}
}
},
{
"category": "product_version_range",
"name": "\u003cR35 P2",
"product": {
"name": "NGINX NGINX Plus \u003cR35 P2",
"product_id": "T052138"
}
},
{
"category": "product_version",
"name": "R35 P2",
"product": {
"name": "NGINX NGINX Plus R35 P2",
"product_id": "T052138-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nginx:nginx_plus:r35_p2"
}
}
},
{
"category": "product_version_range",
"name": "\u003cR32 P5",
"product": {
"name": "NGINX NGINX Plus \u003cR32 P5",
"product_id": "T052139"
}
},
{
"category": "product_version",
"name": "R32 P5",
"product": {
"name": "NGINX NGINX Plus R32 P5",
"product_id": "T052139-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:nginx:nginx_plus:r32_p5"
}
}
}
],
"category": "product_name",
"name": "NGINX Plus"
}
],
"category": "vendor",
"name": "NGINX"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-27651",
"product_status": {
"known_affected": [
"T052140",
"T052141",
"67646",
"T027843",
"T052139",
"T052137",
"T052138",
"T004914",
"T032255",
"74185"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-27651"
},
{
"cve": "CVE-2026-27654",
"product_status": {
"known_affected": [
"T052140",
"T052141",
"67646",
"T027843",
"T052139",
"T052137",
"T052138",
"T004914",
"T032255",
"74185"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-27654"
},
{
"cve": "CVE-2026-27784",
"product_status": {
"known_affected": [
"T052140",
"T052141",
"67646",
"T027843",
"T052139",
"T052137",
"T052138",
"T004914",
"T032255",
"74185"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-27784"
},
{
"cve": "CVE-2026-32647",
"product_status": {
"known_affected": [
"T052140",
"T052141",
"67646",
"T027843",
"T052139",
"T052137",
"T052138",
"T004914",
"T032255",
"74185"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-32647"
},
{
"cve": "CVE-2026-28755",
"product_status": {
"known_affected": [
"T052140",
"T052141",
"67646",
"T027843",
"T052139",
"T052137",
"T052138",
"T004914",
"T032255",
"74185"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-28755"
},
{
"cve": "CVE-2026-28753",
"product_status": {
"known_affected": [
"T052140",
"T052141",
"67646",
"T027843",
"T052139",
"T052137",
"T052138",
"T004914",
"T032255",
"74185"
]
},
"release_date": "2026-03-24T23:00:00.000+00:00",
"title": "CVE-2026-28753"
}
]
}
FKIE_CVE-2026-27654
Vulnerability from fkie_nvd - Published: 2026-03-24 15:16 - Updated: 2026-03-26 21:16
Severity ?
Summary
NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_dav_module module that might allow an attacker to trigger a buffer overflow to the NGINX worker process; this vulnerability may result in termination of the NGINX worker process or modification of source or destination file names outside the document root. This issue affects NGINX Open Source and NGINX Plus when the configuration file uses DAV module MOVE or COPY methods, prefix location (nonregular expression location configuration), and alias directives. The integrity impact is constrained because the NGINX worker process user has low privileges and does not have access to the entire system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
References
| URL | Tags | ||
|---|---|---|---|
| f5sirt@f5.com | https://my.f5.com/manage/s/article/K000160382 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| f5 | nginx_plus | r32 | |
| f5 | nginx_plus | r32 | |
| f5 | nginx_plus | r32 | |
| f5 | nginx_plus | r32 | |
| f5 | nginx_plus | r33 | |
| f5 | nginx_plus | r33 | |
| f5 | nginx_plus | r33 | |
| f5 | nginx_plus | r33 | |
| f5 | nginx_plus | r34 | |
| f5 | nginx_plus | r34 | |
| f5 | nginx_plus | r34 | |
| f5 | nginx_plus | r35 | |
| f5 | nginx_plus | r35 | |
| f5 | nginx_plus | r36 | |
| f5 | nginx_plus | r36 | |
| f5 | nginx_plus | r36 | |
| f5 | nginx_open_source | * | |
| f5 | nginx_open_source | * | |
| f5 | nginx_open_source | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:nginx_plus:r32:p1:*:*:*:*:*:*",
"matchCriteriaId": "FA913184-EAAD-409E-99C6-AB979DAA93F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:nginx_plus:r32:p2:*:*:*:*:*:*",
"matchCriteriaId": "782DF180-1101-4D6A-A1D7-8DADBAF6D9D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:nginx_plus:r32:p3:*:*:*:*:*:*",
"matchCriteriaId": "FB0B11F2-4748-492B-9906-F8C4C5EAFF12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:nginx_plus:r32:p4:*:*:*:*:*:*",
"matchCriteriaId": "86B53968-1CCA-4CF3-8454-BB92EF64D10E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:nginx_plus:r33:*:*:*:*:*:*:*",
"matchCriteriaId": "4F58BD02-EA76-4F32-87D6-430026C8553E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:nginx_plus:r33:p1:*:*:*:*:*:*",
"matchCriteriaId": "46DC49B8-7286-4867-9CDA-1C1B469CD304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:nginx_plus:r33:p2:*:*:*:*:*:*",
"matchCriteriaId": "43477C2E-7485-4146-B25C-F58D632CD85B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:nginx_plus:r33:p3:*:*:*:*:*:*",
"matchCriteriaId": "6A25B9CF-02C0-42DE-9C70-F2AD3ACE3CEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:nginx_plus:r34:*:*:*:*:*:*:*",
"matchCriteriaId": "86358605-55F9-4F6F-846A-3F48738F6E05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:nginx_plus:r34:p1:*:*:*:*:*:*",
"matchCriteriaId": "7453D683-FCA7-46EE-BE49-5FD9A01D7F87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:nginx_plus:r34:p2:*:*:*:*:*:*",
"matchCriteriaId": "A977BF9F-D165-4B93-B4D2-A177883A5E75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:nginx_plus:r35:*:*:*:*:*:*:*",
"matchCriteriaId": "C643CEF2-F421-4E2C-AD39-51CE820F2238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:nginx_plus:r35:p1:*:*:*:*:*:*",
"matchCriteriaId": "4958360C-7993-4C82-8685-202D4940CE01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:nginx_plus:r36:*:*:*:*:*:*:*",
"matchCriteriaId": "942CA349-3FF8-4B9D-B87E-FBA8930CE913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:nginx_plus:r36:p1:*:*:*:*:*:*",
"matchCriteriaId": "7993A0FB-BE7E-4634-BF7F-FDEE3582D3E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:nginx_plus:r36:p2:*:*:*:*:*:*",
"matchCriteriaId": "862EA47E-8D57-434E-9C8F-238325FB85B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:nginx_open_source:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BABB440C-6106-42C6-8E67-101182F26C86",
"versionEndIncluding": "0.9.7",
"versionStartIncluding": "0.5.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:nginx_open_source:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8049B1-4C36-4711-BB99-2721CF67FF81",
"versionEndExcluding": "1.28.3",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:nginx_open_source:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C0EFE28B-E8E5-464E-B407-96436CA87C8E",
"versionEndExcluding": "1.29.7",
"versionStartIncluding": "1.29.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_dav_module module that might allow an attacker to trigger a buffer overflow to the NGINX worker process; this vulnerability may result in termination of the NGINX worker process or modification of source or destination file names outside the document root. This issue affects NGINX Open Source and NGINX Plus when the configuration file uses DAV module MOVE or COPY methods, prefix location (nonregular expression location configuration), and alias directives. The integrity impact is constrained because the NGINX worker process user has low privileges and does not have access to the entire system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
},
{
"lang": "es",
"value": "NGINX Open Source y NGINX Plus tienen una vulnerabilidad en el m\u00f3dulo ngx_http_dav_module que podr\u00eda permitir a un atacante desencadenar un desbordamiento de b\u00fafer en el proceso de trabajador de NGINX; esta vulnerabilidad puede resultar en la terminaci\u00f3n del proceso de trabajador de NGINX o la modificaci\u00f3n de nombres de archivos de origen o destino fuera del directorio ra\u00edz de documentos. Este problema afecta a NGINX Open Source y NGINX Plus cuando el archivo de configuraci\u00f3n utiliza los m\u00e9todos MOVE o COPY del m\u00f3dulo DAV, ubicaci\u00f3n de prefijo (configuraci\u00f3n de ubicaci\u00f3n sin expresi\u00f3n regular) y directivas alias. El impacto en la integridad est\u00e1 restringido porque el usuario del proceso de trabajador de NGINX tiene privilegios bajos y no tiene acceso a todo el sistema. Nota: Las versiones de software que han alcanzado el Fin del Soporte T\u00e9cnico (EoTS) no son evaluadas."
}
],
"id": "CVE-2026-27654",
"lastModified": "2026-03-26T21:16:16.737",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2,
"source": "f5sirt@f5.com",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "f5sirt@f5.com",
"type": "Secondary"
}
]
},
"published": "2026-03-24T15:16:33.130",
"references": [
{
"source": "f5sirt@f5.com",
"tags": [
"Vendor Advisory"
],
"url": "https://my.f5.com/manage/s/article/K000160382"
}
],
"sourceIdentifier": "f5sirt@f5.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-122"
}
],
"source": "f5sirt@f5.com",
"type": "Primary"
}
]
}
GHSA-6R46-2QJX-J5J3
Vulnerability from github – Published: 2026-03-24 15:30 – Updated: 2026-03-24 15:30
VLAI?
Details
NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_dav_module module that might allow an attacker to trigger a buffer overflow to the NGINX worker process; this vulnerability may result in termination of the NGINX worker process or modification of source or destination file names outside the document root. This issue affects NGINX Open Source and NGINX Plus when the configuration file uses DAV module MOVE or COPY methods, prefix location (nonregular expression location configuration), and alias directives. The integrity impact is constrained because the NGINX worker process user has low privileges and does not have access to the entire system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Severity ?
{
"affected": [],
"aliases": [
"CVE-2026-27654"
],
"database_specific": {
"cwe_ids": [
"CWE-122"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-24T15:16:33Z",
"severity": "HIGH"
},
"details": "NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_dav_module module that might allow an attacker to trigger a buffer overflow to the NGINX worker process; this vulnerability may result in termination of the NGINX worker process or modification of source or destination file names outside the document root. This issue affects NGINX Open Source and NGINX Plus when the configuration file uses DAV module MOVE or COPY methods, prefix location (nonregular expression location configuration), and alias directives. The integrity impact is constrained because the NGINX worker process user has low privileges and does not have access to the entire system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.",
"id": "GHSA-6r46-2qjx-j5j3",
"modified": "2026-03-24T15:30:29Z",
"published": "2026-03-24T15:30:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27654"
},
{
"type": "WEB",
"url": "https://my.f5.com/manage/s/article/K000160382"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
Loading…
Show additional events:
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…