CLSA-2026-1776446328

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1776446328.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2026-1776446328

Upstream

CVE-2026-27651

CVE-2026-27654

CVE-2026-32647

Published

2026-04-17T17:18:52Z

Modified

2026-06-01T00:32:47.476027587Z

Summary

nginx: Fix of 3 CVEs

Details

CVE-2026-27651: fix null pointer dereference in ngxmailauthhttpmodule when clearing password in auth http requests with CRAM-MD5/APOP
CVE-2026-27654: fix heap buffer overflow in DAV module when COPY/MOVE destination URI is shorter than alias
CVE-2026-32647: fix buffer over-read/over-write in mp4 module when processing empty stco and co64 atoms

References

https://errata.tuxcare.com/els_os/tuxcare9.6esu/CLSA-2026-1776446328.html

Affected packages

TuxCare:AlmaLinux:9.6

nginx

Package

Name: nginx
Purl: pkg:rpm/tuxcare/nginx?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:1.20.1-22.el9_6.3.alma.2.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1776446328.json"

nginx-all-modules

Package

Name: nginx-all-modules
Purl: pkg:rpm/tuxcare/nginx-all-modules?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:1.20.1-22.el9_6.3.alma.2.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1776446328.json"

nginx-core

Package

Name: nginx-core
Purl: pkg:rpm/tuxcare/nginx-core?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:1.20.1-22.el9_6.3.alma.2.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1776446328.json"

nginx-filesystem

Package

Name: nginx-filesystem
Purl: pkg:rpm/tuxcare/nginx-filesystem?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:1.20.1-22.el9_6.3.alma.2.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1776446328.json"

nginx-mod-devel

Package

Name: nginx-mod-devel
Purl: pkg:rpm/tuxcare/nginx-mod-devel?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:1.20.1-22.el9_6.3.alma.2.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1776446328.json"

nginx-mod-http-image-filter

Package

Name: nginx-mod-http-image-filter
Purl: pkg:rpm/tuxcare/nginx-mod-http-image-filter?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:1.20.1-22.el9_6.3.alma.2.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1776446328.json"

nginx-mod-http-perl

Package

Name: nginx-mod-http-perl
Purl: pkg:rpm/tuxcare/nginx-mod-http-perl?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:1.20.1-22.el9_6.3.alma.2.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1776446328.json"

nginx-mod-http-xslt-filter

Package

Name: nginx-mod-http-xslt-filter
Purl: pkg:rpm/tuxcare/nginx-mod-http-xslt-filter?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:1.20.1-22.el9_6.3.alma.2.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1776446328.json"

nginx-mod-mail

Package

Name: nginx-mod-mail
Purl: pkg:rpm/tuxcare/nginx-mod-mail?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:1.20.1-22.el9_6.3.alma.2.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1776446328.json"

nginx-mod-stream

Package

Name: nginx-mod-stream
Purl: pkg:rpm/tuxcare/nginx-mod-stream?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:1.20.1-22.el9_6.3.alma.2.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1776446328.json"