Nixpkgs security tracker

Untriaged

Permalink CVE-2011-4968

created 2 months ago

nginx http proxy module does not verify peer identity of …

nginx http proxy module does not verify peer identity of https origin server which could facilitate man-in-the-middle attack (MITM)

References

https://security-tracker.debian.org/tracker/CVE-2011-4968 x_transferredx_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4968 x_transferredx_refsource_MISC
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2011-4968 x_transferredx_refsource_MISC
https://access.redhat.com/security/cve/cve-2011-4968 x_transferredx_refsource_MISC
http://www.openwall.com/lists/oss-security/2013/01/03/8 x_transferredx_refsource_MISC
http://www.securityfocus.com/bid/57139 x_transferredx_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/80952 x_transferredx_refsource_MISC

Affected products

nginx

==through 1.6.2

Matching in nixpkgs

pkgs.nginx

Reverse proxy and lightweight webserver

nixos-unstable 1.28.2
- nixpkgs-unstable 1.28.2
- nixos-unstable-small 1.28.2
nixos-25.11 1.28.2
- nixos-25.11-small 1.28.2
- nixpkgs-25.11-darwin 1.28.2

pkgs.coc-nginx

nginx-language-server extension for coc.nvim

nixos-unstable 0.5.0
- nixpkgs-unstable 0.5.0
- nixos-unstable-small 0.5.0
nixos-25.11 0.5.0
- nixos-25.11-small 0.5.0
- nixpkgs-25.11-darwin 0.5.0

pkgs.nginx-doc

Reverse proxy and lightweight webserver (documentation)

nixos-unstable 2022-05-05
- nixpkgs-unstable 2022-05-05
- nixos-unstable-small 2022-05-05
nixos-25.11 2022-05-05
- nixos-25.11-small 2022-05-05
- nixpkgs-25.11-darwin 2022-05-05

pkgs.nginx-sso

SSO authentication provider for the auth_request nginx module

nixos-unstable 0.27.6
- nixpkgs-unstable 0.27.6
- nixos-unstable-small 0.27.6
nixos-25.11 0.27.4
- nixos-25.11-small 0.27.4
- nixpkgs-25.11-darwin 0.27.4

pkgs.nginxStable

Reverse proxy and lightweight webserver

nixos-unstable 1.28.2
- nixpkgs-unstable 1.28.2
- nixos-unstable-small 1.28.2
nixos-25.11 1.28.2
- nixos-25.11-small 1.28.2
- nixpkgs-25.11-darwin 1.28.2

pkgs.nginxMainline

Reverse proxy and lightweight webserver

nixos-unstable 1.29.5
- nixpkgs-unstable 1.29.5
- nixos-unstable-small 1.29.5
nixos-25.11 1.29.5
- nixos-25.11-small 1.29.5
- nixpkgs-25.11-darwin 1.29.5

pkgs.nginxShibboleth

Reverse proxy and lightweight webserver

nixos-unstable 1.28.2
- nixpkgs-unstable 1.28.2
- nixos-unstable-small 1.28.2
nixos-25.11 1.28.2
- nixos-25.11-small 1.28.2
- nixpkgs-25.11-darwin 1.28.2

pkgs.tailscale-nginx-auth

Tool that allows users to use Tailscale Whois authentication with NGINX as a reverse proxy

nixos-unstable 1.94.1
- nixpkgs-unstable 1.94.2
- nixos-unstable-small 1.94.2
nixos-25.11 1.90.9
- nixos-25.11-small 1.90.9
- nixpkgs-25.11-darwin 1.90.9

pkgs.vimPlugins.coc-nginx

nginx-language-server extension for coc.nvim

nixos-unstable 0.5.0
- nixpkgs-unstable 0.5.0
- nixos-unstable-small 0.5.0
nixos-25.11 0.5.0
- nixos-25.11-small 0.5.0
- nixpkgs-25.11-darwin 0.5.0

pkgs.nginx-language-server

Language server for nginx.conf

nixos-unstable 0.9.0
- nixpkgs-unstable 0.9.0
- nixos-unstable-small 0.9.0
nixos-25.11 0.9.0
- nixos-25.11-small 0.9.0
- nixpkgs-25.11-darwin 0.9.0

pkgs.nginx-config-formatter

nginx config file formatter

nixos-unstable 1.3.0
- nixpkgs-unstable 1.3.0
- nixos-unstable-small 1.3.0
nixos-25.11 1.3.0
- nixos-25.11-small 1.3.0
- nixpkgs-25.11-darwin 1.3.0

pkgs.prometheus-nginx-exporter

NGINX Prometheus Exporter for NGINX and NGINX Plus

nixos-unstable 1.5.1
- nixpkgs-unstable 1.5.1
- nixos-unstable-small 1.5.1
nixos-25.11 1.5.1
- nixos-25.11-small 1.5.1
- nixpkgs-25.11-darwin 1.5.1

pkgs.azure-cli-extensions.nginx

Microsoft Azure Command-Line Tools Nginx Extension

nixos-unstable 2.0.0b8
- nixpkgs-unstable 2.0.0b8
- nixos-unstable-small 2.0.0b8
nixos-25.11 2.0.0b8
- nixos-25.11-small 2.0.0b8
- nixpkgs-25.11-darwin 2.0.0b8

pkgs.prometheus-nginxlog-exporter

Export metrics from Nginx access log files to Prometheus

nixos-unstable 1.11.0
- nixpkgs-unstable 1.11.0
- nixos-unstable-small 1.11.0
nixos-25.11 1.11.0
- nixos-25.11-small 1.11.0
- nixpkgs-25.11-darwin 1.11.0

pkgs.python312Packages.certbot-nginx

Nginx plugin for Certbot

nixos-25.11 5.1.0
- nixos-25.11-small 5.1.0
- nixpkgs-25.11-darwin 5.1.0

pkgs.python313Packages.certbot-nginx

Nginx plugin for Certbot

nixos-unstable 5.1.0
- nixpkgs-unstable 5.1.0
- nixos-unstable-small 5.1.0
nixos-25.11 5.1.0
- nixos-25.11-small 5.1.0
- nixpkgs-25.11-darwin 5.1.0

pkgs.python314Packages.certbot-nginx

Nginx plugin for Certbot

nixos-unstable 5.1.0
- nixpkgs-unstable 5.1.0
- nixos-unstable-small 5.1.0

pkgs.vimPlugins.nvim-treesitter-parsers.nginx

None

nixos-unstable 0.0.0+rev=47ade64
- nixpkgs-unstable 0.0.0+rev=47ade64
- nixos-unstable-small 0.0.0+rev=47ade64
nixos-25.11 -
- nixos-25.11-small
- nixpkgs-25.11-darwin

Package maintainers

@katexochen Paul Meyer <katexochen0@gmail.com>
@ulrikstrid Ulrik Strid <ulrik.strid@outlook.com>
@Conni2461 Simon Hauser <simon-hauser@outlook.com>
@helsinki-Jo Joachim Ernst <joachim.ernst@helsinki-systems.de>
@fpletz Franz Pletz <fpletz@fnordicwalking.de>
@RaitoBezarius Ryan Lahfa <ryan@lahfa.xyz>
@dasJ Janne Heß <janne@hess.ooo>
@Baughn Svein Ove Aas <sveina@gmail.com>
@KAction Dmitry Bogatov <KAction@disroot.org>
@GaetanLepage Gaetan Lepage <gaetan@glepage.com>
@ambroisie Bruno BELANYI <bruno.nixpkgs@belanyi.fr>
@globin Robin Gloster <mail@glob.in>
@WilliButz Willi Butz <willibutz@posteo.de>
@benley Benjamin Staffin <benley@gmail.com>
@mmahut Marek Mahut <marek.mahut@gmail.com>
@phaer Paul Haerle <nix@phaer.org>

Untriaged

Permalink CVE-2026-1788

created 2 months, 2 weeks ago

Buffer Overflow in Xquic Server

: Out-of-bounds Write vulnerability in Xquic Project Xquic Server xquic on Linux (QUIC protocol implementation, packet processing module modules) allows : Buffer Manipulation.This issue affects Xquic Server: through 1.8.3.

References

https://github.com/alibaba/xquic

Affected products

xquic

=<1.8.3

Matching in nixpkgs

pkgs.nginxQuic

Reverse proxy and lightweight webserver

nixos-unstable 1.27.5

Package maintainers

@Conni2461 Simon Hauser <simon-hauser@outlook.com>
@helsinki-Jo Joachim Ernst <joachim.ernst@helsinki-systems.de>
@fpletz Franz Pletz <fpletz@fnordicwalking.de>
@dasJ Janne Heß <janne@hess.ooo>
@ulrikstrid Ulrik Strid <ulrik.strid@outlook.com>
@RaitoBezarius Ryan Lahfa <ryan@lahfa.xyz>

Suggestions search

References

Affected products

Matching in nixpkgs

pkgs.nginx

pkgs.coc-nginx

pkgs.nginx-doc

pkgs.nginx-sso

pkgs.nginxQuic

pkgs.nginxStable

pkgs.nginxMainline

pkgs.nginxShibboleth

pkgs.tailscale-nginx-auth

pkgs.vimPlugins.coc-nginx

pkgs.nginx-language-server

pkgs.nginx-config-formatter

pkgs.prometheus-nginx-exporter

pkgs.azure-cli-extensions.nginx

pkgs.prometheus-nginxlog-exporter

pkgs.python312Packages.certbot-nginx

pkgs.python313Packages.certbot-nginx

pkgs.python314Packages.certbot-nginx

pkgs.vimPlugins.nvim-treesitter-parsers.nginx

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.nginxQuic

Package maintainers