CLSA-2026-1778869454

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778869454.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2026-1778869454

Upstream

CVE-2026-42945

Published

2026-05-15T18:24:19Z

Modified

2026-06-04T09:45:27.999599300Z

Summary

Fix CVE(s): CVE-2026-42945

Details

SECURITY UPDATE: Heap buffer overflow in ngxhttprewrite_module via PCRE unnamed captures with question mark in replacement strings
- debian/patches/CVE-2026-42945.patch: clear e->isargs in ngxhttpscriptregexendcode to prevent buffer overrun when rewrite directive is followed by set or if with PCRE captures
- CVE-2026-42945

References

https://errata.tuxcare.com/els_os/debian10els/CLSA-2026-1778869454.html

Affected packages

TuxCare:Debian:10

libnginx-mod-http-auth-pam

Package

Name: libnginx-mod-http-auth-pam
Purl: pkg:deb/tuxcare/libnginx-mod-http-auth-pam?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.2-2+deb10u5+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778869454.json"

libnginx-mod-http-cache-purge

Package

Name: libnginx-mod-http-cache-purge
Purl: pkg:deb/tuxcare/libnginx-mod-http-cache-purge?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.2-2+deb10u5+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778869454.json"

libnginx-mod-http-dav-ext

Package

Name: libnginx-mod-http-dav-ext
Purl: pkg:deb/tuxcare/libnginx-mod-http-dav-ext?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.2-2+deb10u5+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778869454.json"

libnginx-mod-http-echo

Package

Name: libnginx-mod-http-echo
Purl: pkg:deb/tuxcare/libnginx-mod-http-echo?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.2-2+deb10u5+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778869454.json"

libnginx-mod-http-fancyindex

Package

Name: libnginx-mod-http-fancyindex
Purl: pkg:deb/tuxcare/libnginx-mod-http-fancyindex?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.2-2+deb10u5+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778869454.json"

libnginx-mod-http-geoip

Package

Name: libnginx-mod-http-geoip
Purl: pkg:deb/tuxcare/libnginx-mod-http-geoip?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.2-2+deb10u5+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778869454.json"

libnginx-mod-http-headers-more-filter

Package

Name: libnginx-mod-http-headers-more-filter
Purl: pkg:deb/tuxcare/libnginx-mod-http-headers-more-filter?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.2-2+deb10u5+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778869454.json"

libnginx-mod-http-image-filter

Package

Name: libnginx-mod-http-image-filter
Purl: pkg:deb/tuxcare/libnginx-mod-http-image-filter?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.2-2+deb10u5+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778869454.json"

libnginx-mod-http-lua

Package

Name: libnginx-mod-http-lua
Purl: pkg:deb/tuxcare/libnginx-mod-http-lua?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.2-2+deb10u5+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778869454.json"

libnginx-mod-http-ndk

Package

Name: libnginx-mod-http-ndk
Purl: pkg:deb/tuxcare/libnginx-mod-http-ndk?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.2-2+deb10u5+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778869454.json"

libnginx-mod-http-perl

Package

Name: libnginx-mod-http-perl
Purl: pkg:deb/tuxcare/libnginx-mod-http-perl?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.2-2+deb10u5+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778869454.json"

libnginx-mod-http-subs-filter

Package

Name: libnginx-mod-http-subs-filter
Purl: pkg:deb/tuxcare/libnginx-mod-http-subs-filter?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.2-2+deb10u5+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778869454.json"

libnginx-mod-http-uploadprogress

Package

Name: libnginx-mod-http-uploadprogress
Purl: pkg:deb/tuxcare/libnginx-mod-http-uploadprogress?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.2-2+deb10u5+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778869454.json"

libnginx-mod-http-upstream-fair

Package

Name: libnginx-mod-http-upstream-fair
Purl: pkg:deb/tuxcare/libnginx-mod-http-upstream-fair?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.2-2+deb10u5+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778869454.json"

libnginx-mod-http-xslt-filter

Package

Name: libnginx-mod-http-xslt-filter
Purl: pkg:deb/tuxcare/libnginx-mod-http-xslt-filter?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.2-2+deb10u5+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778869454.json"

libnginx-mod-mail

Package

Name: libnginx-mod-mail
Purl: pkg:deb/tuxcare/libnginx-mod-mail?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.2-2+deb10u5+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778869454.json"

libnginx-mod-nchan

Package

Name: libnginx-mod-nchan
Purl: pkg:deb/tuxcare/libnginx-mod-nchan?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.2-2+deb10u5+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778869454.json"

libnginx-mod-rtmp

Package

Name: libnginx-mod-rtmp
Purl: pkg:deb/tuxcare/libnginx-mod-rtmp?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.2-2+deb10u5+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778869454.json"

libnginx-mod-stream

Package

Name: libnginx-mod-stream
Purl: pkg:deb/tuxcare/libnginx-mod-stream?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.2-2+deb10u5+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778869454.json"

nginx

Package

Name: nginx
Purl: pkg:deb/tuxcare/nginx?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.2-2+deb10u5+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778869454.json"

nginx-common

Package

Name: nginx-common
Purl: pkg:deb/tuxcare/nginx-common?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.2-2+deb10u5+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778869454.json"

nginx-doc

Package

Name: nginx-doc
Purl: pkg:deb/tuxcare/nginx-doc?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.2-2+deb10u5+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778869454.json"

nginx-extras

Package

Name: nginx-extras
Purl: pkg:deb/tuxcare/nginx-extras?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.2-2+deb10u5+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778869454.json"

nginx-full

Package

Name: nginx-full
Purl: pkg:deb/tuxcare/nginx-full?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.2-2+deb10u5+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778869454.json"

nginx-light

Package

Name: nginx-light
Purl: pkg:deb/tuxcare/nginx-light?distro=debian-10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.2-2+deb10u5+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1778869454.json"