A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport Layer Security (TLS) servers. An

A session fixation issue was discovered in the NGINX OpenID Connect reference implementation, where a nonce was not checked at log

NGINX Agent's "config_dirs" restriction feature allows a highly privileged attacker to gain the ability to write/overwrite files o

NGINX Management Suite default file permissions are set such that an authenticated attacker may be able to modify sensitive files

NGINX Management Suite may allow an authenticated attacker to gain access to configuration objects outside of their assigned envir

Insertion of Sensitive Information into log file vulnerability in NGINX Agent. NGINX Agent version 2.0 before 2.23.3 inserts sensi

In versions 2.x before 2.3.1 and all versions of 1.x, when NGINX Instance Manager is in use, undisclosed requests can cause an inc