CLSA-2026-1777883671

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2026-1777883671.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2026-1777883671
Upstream
  • CVE-2026-27651
  • CVE-2026-32647
Published
2026-05-04T08:34:36Z
Modified
2026-06-01T00:33:12.992179481Z
Summary
nginx: Fix of 2 CVEs
Details
  • CVE-2026-27651: fix null pointer dereference in ngxmailauthhttpmodule when authentication retry is enabled with CRAM-MD5 or APOP
  • CVE-2026-32647: fix buffer over-read/write in ngxhttpmp4_module when processing crafted mp4 files with empty stco/co64 atoms
References

Affected packages

TuxCare:CentOS:8.4
nginx

Package

Name
nginx
Purl
pkg:rpm/tuxcare/nginx?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.14.1-9.module_el8.4.0+2375+16a84bc4.tuxcare.els6

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2026-1777883671.json"
nginx-all-modules

Package

Name
nginx-all-modules
Purl
pkg:rpm/tuxcare/nginx-all-modules?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.14.1-9.module_el8.4.0+2375+16a84bc4.tuxcare.els6

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2026-1777883671.json"
nginx-filesystem

Package

Name
nginx-filesystem
Purl
pkg:rpm/tuxcare/nginx-filesystem?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.14.1-9.module_el8.4.0+2375+16a84bc4.tuxcare.els6

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2026-1777883671.json"
nginx-mod-http-image-filter

Package

Name
nginx-mod-http-image-filter
Purl
pkg:rpm/tuxcare/nginx-mod-http-image-filter?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.14.1-9.module_el8.4.0+2375+16a84bc4.tuxcare.els6

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2026-1777883671.json"
nginx-mod-http-perl

Package

Name
nginx-mod-http-perl
Purl
pkg:rpm/tuxcare/nginx-mod-http-perl?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.14.1-9.module_el8.4.0+2375+16a84bc4.tuxcare.els6

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2026-1777883671.json"
nginx-mod-http-xslt-filter

Package

Name
nginx-mod-http-xslt-filter
Purl
pkg:rpm/tuxcare/nginx-mod-http-xslt-filter?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.14.1-9.module_el8.4.0+2375+16a84bc4.tuxcare.els6

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2026-1777883671.json"
nginx-mod-mail

Package

Name
nginx-mod-mail
Purl
pkg:rpm/tuxcare/nginx-mod-mail?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.14.1-9.module_el8.4.0+2375+16a84bc4.tuxcare.els6

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2026-1777883671.json"
nginx-mod-stream

Package

Name
nginx-mod-stream
Purl
pkg:rpm/tuxcare/nginx-mod-stream?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.14.1-9.module_el8.4.0+2375+16a84bc4.tuxcare.els6

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2026-1777883671.json"