diff --git a/vulnerabilities/importers/__init__.py b/vulnerabilities/importers/__init__.py
index 8aa9961d5..e609fbc79 100644
--- a/vulnerabilities/importers/__init__.py
+++ b/vulnerabilities/importers/__init__.py
@@ -55,6 +55,7 @@
from vulnerabilities.pipelines.v2_importers import istio_importer as istio_importer_v2
from vulnerabilities.pipelines.v2_importers import mattermost_importer as mattermost_importer_v2
from vulnerabilities.pipelines.v2_importers import mozilla_importer as mozilla_importer_v2
+from vulnerabilities.pipelines.v2_importers import nginx_importer as nginx_importer_v2
from vulnerabilities.pipelines.v2_importers import npm_importer as npm_importer_v2
from vulnerabilities.pipelines.v2_importers import nvd_importer as nvd_importer_v2
from vulnerabilities.pipelines.v2_importers import oss_fuzz as oss_fuzz_v2
@@ -89,6 +90,7 @@
aosp_importer_v2.AospImporterPipeline,
ruby_importer_v2.RubyImporterPipeline,
epss_importer_v2.EPSSImporterPipeline,
+ nginx_importer_v2.NginxImporterPipeline,
mattermost_importer_v2.MattermostImporterPipeline,
nvd_importer.NVDImporterPipeline,
github_importer.GitHubAPIImporterPipeline,
diff --git a/vulnerabilities/pipelines/v2_importers/nginx_importer.py b/vulnerabilities/pipelines/v2_importers/nginx_importer.py
new file mode 100644
index 000000000..33ef0f284
--- /dev/null
+++ b/vulnerabilities/pipelines/v2_importers/nginx_importer.py
@@ -0,0 +1,262 @@
+#
+# Copyright (c) nexB Inc. and others. All rights reserved.
+# VulnerableCode is a trademark of nexB Inc.
+# SPDX-License-Identifier: Apache-2.0
+# See http://www.apache.org/licenses/LICENSE-2.0 for the license text.
+# See https://github.com/aboutcode-org/vulnerablecode for support or download.
+# See https://aboutcode.org for more information about nexB OSS projects.
+#
+
+from typing import NamedTuple
+from urllib.parse import urljoin
+
+import requests
+from bs4 import BeautifulSoup
+from packageurl import PackageURL
+from univers.version_constraint import VersionConstraint
+from univers.version_constraint import validate_comparators
+from univers.version_range import NginxVersionRange
+from univers.versions import InvalidVersion
+
+from vulnerabilities.importer import AdvisoryData
+from vulnerabilities.importer import AffectedPackageV2
+from vulnerabilities.importer import PatchData
+from vulnerabilities.importer import ReferenceV2
+from vulnerabilities.importer import VulnerabilitySeverity
+from vulnerabilities.importer import logger
+from vulnerabilities.pipelines import VulnerableCodeBaseImporterPipelineV2
+from vulnerabilities.severity_systems import GENERIC
+
+
+class NginxImporterPipeline(VulnerableCodeBaseImporterPipelineV2):
+ """Collect Nginx security advisories."""
+
+ pipeline_id = "nginx_importer_v2"
+
+ spdx_license_expression = "BSD-2-Clause"
+ license_url = "https://nginx.org/LICENSE"
+ url = "https://nginx.org/en/security_advisories.html"
+ importer_name = "Nginx Importer"
+
+ @classmethod
+ def steps(cls):
+ return (
+ cls.fetch,
+ cls.collect_and_store_advisories,
+ )
+
+ def fetch(self):
+ self.log(f"Fetch `{self.url}`")
+ self.advisory_data = requests.get(self.url).text
+
+ def advisories_count(self):
+ return self.advisory_data.count("
")
+
+ def collect_advisories(self):
+ """
+ Yield AdvisoryData from nginx security advisories HTML
+ web page.
+ """
+ soup = BeautifulSoup(self.advisory_data, features="lxml")
+ vulnerability_list = soup.select("li p")
+ for vulnerability_info in vulnerability_list:
+ ngnix_advisory = parse_advisory_data_from_paragraph(vulnerability_info)
+ yield to_advisory_data(ngnix_advisory)
+
+
+class NginxAdvisory(NamedTuple):
+ advisory_id: str
+ aliases: list
+ summary: str
+ severities: list
+ patches: list
+ not_vulnerable: str
+ vulnerable: str
+ references: list
+
+ def to_dict(self):
+ return self._asdict()
+
+
+def to_advisory_data(nginx_adv: NginxAdvisory) -> AdvisoryData:
+ """
+ Return AdvisoryData from an NginxAdvisory tuple.
+ """
+ qualifiers = {}
+
+ purl = PackageURL(type="nginx", name="nginx", qualifiers=qualifiers)
+
+ _, _, affected_versions = nginx_adv.vulnerable.partition(":")
+ affected_versions = affected_versions.strip()
+
+ if "nginx/Windows" in affected_versions:
+ qualifiers["os"] = "windows"
+ affected_versions = affected_versions.replace("nginx/Windows", "")
+
+ _, _, fixed_versions = nginx_adv.not_vulnerable.partition(":")
+ fixed_versions = fixed_versions.strip()
+
+ if "nginx/Windows" in fixed_versions:
+ qualifiers["os"] = "windows"
+ fixed_versions = fixed_versions.replace("nginx/Windows", "")
+
+ fixed_version_range = None
+ try:
+ fixed_version_range = NginxVersionRange.from_native(fixed_versions)
+ except InvalidVersion:
+ logger.error(f"Invalid vulnerable range {fixed_versions}")
+
+ affected_version_range = None
+ try:
+ affected_version_range = NginxVersionRange.from_native(affected_versions)
+ except InvalidVersion:
+ logger.error(f"Invalid non vulnerable range {affected_versions}")
+
+ affected_packages = []
+ if purl and affected_version_range or fixed_version_range:
+ try:
+ if affected_version_range:
+ validate_comparators(affected_version_range.constraints)
+ except ValueError as e:
+ affected_version_range = None
+ logger.error(
+ f"Invalid version_range affected_version_range:{affected_version_range} - error: {e}"
+ )
+
+ try:
+ if fixed_version_range:
+ fixed_version_constraints = VersionConstraint.simplify(
+ fixed_version_range.constraints
+ )
+ fixed_version_range = NginxVersionRange(constraints=fixed_version_constraints)
+ validate_comparators(fixed_version_range.constraints)
+ except ValueError as e:
+ fixed_version_range = None
+ logger.error(
+ f"Invalid version_range fixed_version_range:{fixed_version_range} - error: {e}"
+ )
+
+ affected_packages.append(
+ AffectedPackageV2(
+ package=purl,
+ affected_version_range=affected_version_range,
+ fixed_version_range=fixed_version_range,
+ )
+ )
+
+ return AdvisoryData(
+ advisory_id=nginx_adv.advisory_id,
+ aliases=nginx_adv.aliases,
+ summary=nginx_adv.summary,
+ affected_packages=affected_packages,
+ references_v2=nginx_adv.references,
+ patches=nginx_adv.patches,
+ url="https://nginx.org/en/security_advisories.html",
+ )
+
+
+def parse_advisory_data_from_paragraph(vulnerability_info):
+ """
+ Return an NginxAdvisory from a ``vulnerability_info`` bs4 paragraph.
+
+ An advisory paragraph, without html markup, looks like this:
+
+ 1-byte memory overwrite in resolver
+ Severity: medium
+ Advisory
+ CVE-2021-23017
+ Not vulnerable: 1.21.0+, 1.20.1+
+ Vulnerable: 0.6.18-1.20.0
+ The patch pgp
+
+ """
+ aliases = []
+ summary = None
+ severities = []
+ patches = []
+ not_vulnerable = None
+ vulnerable = None
+ references = []
+ is_first = True
+
+ # we iterate on the children to accumulate values in variables
+ # FIXME: using an explicit xpath-like query could be simpler
+ for child in vulnerability_info.children:
+ if is_first:
+ summary = child
+ is_first = False
+ continue
+
+ text = child.text.strip()
+ text_low = text.lower()
+
+ if text.startswith(
+ (
+ "CVE-",
+ "CORE-",
+ "VU#",
+ )
+ ):
+ aliases.append(text)
+ if text.startswith("CVE-"):
+ # always keep the CVE as a reference too
+ link = f"https://nvd.nist.gov/vuln/detail/{text}"
+ reference = ReferenceV2(reference_id=text, url=link)
+ references.append(reference)
+
+ elif "severity" in text_low:
+ severity = build_severity(severity=text)
+ if severity:
+ severities.append(severity)
+
+ elif "not vulnerable" in text_low:
+ not_vulnerable = text
+
+ elif "vulnerable" in text_low:
+ vulnerable = text
+
+ elif hasattr(child, "attrs"):
+ link = child.attrs.get("href")
+ if link:
+ if "cve.mitre.org" in link:
+ references.append(ReferenceV2(reference_id=text, url=link))
+ elif "mailman.nginx.org" in link:
+ references.append(ReferenceV2(url=link))
+ elif "/download/patch" in link:
+ link = urljoin("https://nginx.org", link)
+ patch = PatchData(
+ patch_url=link,
+ )
+ patches.append(patch)
+ else:
+ link = urljoin("https://nginx.org", link)
+ references.append(ReferenceV2(url=link))
+
+ advisory_id = aliases.pop()
+ return NginxAdvisory(
+ advisory_id=advisory_id,
+ aliases=aliases,
+ summary=summary,
+ severities=severities,
+ not_vulnerable=not_vulnerable,
+ vulnerable=vulnerable,
+ references=references,
+ patches=patches,
+ )
+
+
+def build_severity(severity):
+ """
+ Return a VulnerabilitySeverity built from a ``severity`` string, or None.
+
+ For example::
+ >>> severity = "Severity: medium"
+ >>> expected = VulnerabilitySeverity(system=GENERIC, value="medium")
+ >>> assert build_severity(severity) == expected
+ """
+ if severity.startswith("Severity:"):
+ _, _, severity = severity.partition("Severity:")
+
+ severity = severity.strip()
+ if severity:
+ return VulnerabilitySeverity(system=GENERIC, value=severity)
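Review bot: In `to_advisory_data`, `purl` is built from `qualifiers` before either `nginx/Windows` branch sets `qualifiers["os"] = "windows"`. PackageURL appears to normalize its qualifiers at construction, so Windows-only advisories would be recorded against every nginx build; move `purl = PackageURL(type="nginx", name="nginx", qualifiers=qualifiers)` below the `fixed_versions` Windows check. The same function drops the parsed severities: the `AdvisoryData(...)` call lacks `severities=nginx_adv.severities,` (assuming `AdvisoryData` accepts that field, as the fixture output suggests), and the expected fixture shows `"severities": []` for CVE-2021-23017 even though the docstring sample carries `Severity: medium`. In `fetch`, `requests.get(self.url)` has no timeout and no status check, so a hung connection stalls the run and an error page is parsed as an empty advisory list. Using `resp = requests.get(self.url, timeout=30)` followed by `resp.raise_for_status()` would make the import fail loudly instead (the 30 is a constructed value).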
diff --git a/vulnerabilities/tests/pipelines/v2_importers/test_nginx_importer_v2.py b/vulnerabilities/tests/pipelines/v2_importers/test_nginx_importer_v2.py
new file mode 100644
index 000000000..850a84566
--- /dev/null
+++ b/vulnerabilities/tests/pipelines/v2_importers/test_nginx_importer_v2.py
@@ -0,0 +1,146 @@
+#
+# Copyright (c) nexB Inc. and others. All rights reserved.
+# VulnerableCode is a trademark of nexB Inc.
+# SPDX-License-Identifier: Apache-2.0
+# See http://www.apache.org/licenses/LICENSE-2.0 for the license text.
+# See https://github.com/aboutcode-org/vulnerablecode for support or download.
+# See https://aboutcode.org for more information about nexB OSS projects.
+#
+
+from pathlib import Path
+
+from bs4 import BeautifulSoup
+from commoncode import testcase
+from univers.version_range import NginxVersionRange
+
+from vulnerabilities.importer import PatchData
+from vulnerabilities.importer import ReferenceV2
+from vulnerabilities.importer import VulnerabilitySeverity
+from vulnerabilities.pipelines.v2_importers import nginx_importer
+from vulnerabilities.severity_systems import GENERIC
+from vulnerabilities.tests import util_tests
+from vulnerabilities.utils import is_vulnerable_nginx_version
+
+ADVISORY_FIELDS_TO_TEST = (
+ "unique_content_id",
+ "summary",
+ "affected_packages",
+ "references",
+ "date_published",
+ "weaknesses",
+)
+
+
+class NginxImporterPipeline(testcase.FileBasedTesting):
+ test_data_dir = Path(__file__).parent.parent.parent / "test_data" / "nginx_v2"
+
+ def test_is_vulnerable(self):
+ # Not vulnerable: 1.17.3+, 1.16.1+
+ # Vulnerable: 1.9.5-1.17.2
+
+ vcls = NginxVersionRange.version_class
+ affected_version_range = NginxVersionRange.from_native("1.9.5-1.17.2")
+ fixed_versions = [vcls("1.17.3"), vcls("1.16.1")]
+
+ version = vcls("1.9.4")
+ assert not is_vulnerable_nginx_version(version, affected_version_range, fixed_versions)
+
+ version = vcls("1.9.5")
+ assert is_vulnerable_nginx_version(version, affected_version_range, fixed_versions)
+
+ version = vcls("1.9.6")
+ assert is_vulnerable_nginx_version(version, affected_version_range, fixed_versions)
+
+ version = vcls("1.16.0")
+ assert is_vulnerable_nginx_version(version, affected_version_range, fixed_versions)
+
+ version = vcls("1.16.1")
+ assert not is_vulnerable_nginx_version(version, affected_version_range, fixed_versions)
+
+ version = vcls("1.16.2")
+ assert not is_vulnerable_nginx_version(version, affected_version_range, fixed_versions)
+
+ version = vcls("1.16.99")
+ assert not is_vulnerable_nginx_version(version, affected_version_range, fixed_versions)
+
+ version = vcls("1.17.0")
+ assert is_vulnerable_nginx_version(version, affected_version_range, fixed_versions)
+
+ version = vcls("1.17.1")
+ assert is_vulnerable_nginx_version(version, affected_version_range, fixed_versions)
+
+ version = vcls("1.17.2")
+ assert is_vulnerable_nginx_version(version, affected_version_range, fixed_versions)
+
+ version = vcls("1.17.3")
+ assert not is_vulnerable_nginx_version(version, affected_version_range, fixed_versions)
+
+ version = vcls("1.17.4")
+ assert not is_vulnerable_nginx_version(version, affected_version_range, fixed_versions)
+
+ version = vcls("1.18.0")
+ assert not is_vulnerable_nginx_version(version, affected_version_range, fixed_versions)
+
+ def test_parse_advisory_data_from_paragraph(self):
+ paragraph = (
+ "
1-byte memory overwrite in resolver"
+ "
Severity: medium
"
+ 'Advisory'
+ "
"
+ 'CVE-2021-23017'
+ "
Not vulnerable: 1.21.0+, 1.20.1+
"
+ "Vulnerable: 0.6.18-1.20.0
"
+ ''
+ 'The patch pgp'
+ "
"
+ )
+ vuln_info = BeautifulSoup(paragraph, features="lxml").p
+ expected = {
+ "advisory_id": "CVE-2021-23017",
+ "aliases": [],
+ "summary": "1-byte memory overwrite in resolver",
+ "severities": [
+ VulnerabilitySeverity(
+ system=GENERIC,
+ value="medium",
+ scoring_elements="",
+ published_at=None,
+ url=None,
+ )
+ ],
+ "not_vulnerable": "Not vulnerable: 1.21.0+, 1.20.1+",
+ "vulnerable": "Vulnerable: 0.6.18-1.20.0",
+ "references": [
+ ReferenceV2(
+ reference_id="",
+ reference_type="",
+ url="http://mailman.nginx.org/pipermail/nginx-announce/2021/000300.html",
+ ),
+ ReferenceV2(
+ reference_id="CVE-2021-23017",
+ reference_type="",
+ url="https://nvd.nist.gov/vuln/detail/CVE-2021-23017",
+ ),
+ ],
+ "patches": [
+ PatchData(patch_url="https://nginx.org/download/patch.2021.resolver.txt"),
+ PatchData(patch_url="https://nginx.org/download/patch.2021.resolver.txt.asc"),
+ ],
+ }
+
+ result = nginx_importer.parse_advisory_data_from_paragraph(vuln_info)
+ assert result.to_dict() == expected
+
+ def test_collect_advisories(self):
+ test_file = self.get_test_loc("security_advisories.html")
+ with open(test_file) as tf:
+ test_text = tf.read()
+
+ expected_file = self.get_test_loc(
+ "security_advisories-advisory_data-expected.json", must_exist=False
+ )
+
+ test_pipeline = nginx_importer.NginxImporterPipeline()
+ test_pipeline.advisory_data = test_text
+ results = [na.to_dict() for na in test_pipeline.collect_advisories()]
+ util_tests.check_results_against_json(results, expected_file)
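Review bot: Nothing in this file calls `to_advisory_data` directly, so the `nginx/Windows` qualifier path and the hand-off of parsed severities into `AdvisoryData` are untested. `test_parse_advisory_data_from_paragraph` stops at the intermediate `NginxAdvisory`, and `test_collect_advisories` passes `must_exist=False` for the expected JSON. A small case that feeds a paragraph with `Vulnerable: nginx/Windows 0.7.52-1.3.0` (a constructed sample) through `to_advisory_data` and asserts on the package qualifiers would pin that behaviour. `ADVISORY_FIELDS_TO_TEST` is defined but not referenced in the visible tests, and `test_is_vulnerable` exercises `vulnerabilities.utils.is_vulnerable_nginx_version` rather than the new importer; either put them to use for this pipeline or drop them.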
diff --git a/vulnerabilities/tests/test_data/nginx_v2/security_advisories-advisory_data-expected.json b/vulnerabilities/tests/test_data/nginx_v2/security_advisories-advisory_data-expected.json
new file mode 100644
index 000000000..f421aa364
--- /dev/null
+++ b/vulnerabilities/tests/test_data/nginx_v2/security_advisories-advisory_data-expected.json
@@ -0,0 +1,1644 @@
+[
+ {
+ "advisory_id": "CVE-2024-32760",
+ "aliases": [],
+ "summary": "Buffer overwrite in HTTP/3",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=1.25.0|<=1.25.5|1.26.0",
+ "fixed_version_range": "vers:nginx/>=1.26.1|<1.27.0|>=1.27.0",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "",
+ "reference_type": "",
+ "url": "https://mailman.nginx.org/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6.html"
+ },
+ {
+ "reference_id": "CVE-2024-32760",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32760"
+ }
+ ],
+ "patches": [],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2024-31079",
+ "aliases": [],
+ "summary": "Stack overflow and use-after-free in HTTP/3",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=1.25.0|<=1.25.5|1.26.0",
+ "fixed_version_range": "vers:nginx/>=1.26.1|<1.27.0|>=1.27.0",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "",
+ "reference_type": "",
+ "url": "https://mailman.nginx.org/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6.html"
+ },
+ {
+ "reference_id": "CVE-2024-31079",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31079"
+ }
+ ],
+ "patches": [],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2024-35200",
+ "aliases": [],
+ "summary": "NULL pointer dereference in HTTP/3",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=1.25.0|<=1.25.5|1.26.0",
+ "fixed_version_range": "vers:nginx/>=1.26.1|<1.27.0|>=1.27.0",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "",
+ "reference_type": "",
+ "url": "https://mailman.nginx.org/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6.html"
+ },
+ {
+ "reference_id": "CVE-2024-35200",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35200"
+ }
+ ],
+ "patches": [],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2024-34161",
+ "aliases": [],
+ "summary": "Memory disclosure in HTTP/3",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=1.25.0|<=1.25.5|1.26.0",
+ "fixed_version_range": "vers:nginx/>=1.26.1|<1.27.0|>=1.27.0",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "",
+ "reference_type": "",
+ "url": "https://mailman.nginx.org/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6.html"
+ },
+ {
+ "reference_id": "CVE-2024-34161",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34161"
+ }
+ ],
+ "patches": [],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2024-24989",
+ "aliases": [],
+ "summary": "NULL pointer dereference in HTTP/3",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/1.25.3",
+ "fixed_version_range": "vers:nginx/>=1.25.4",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "",
+ "reference_type": "",
+ "url": "https://mailman.nginx.org/pipermail/nginx-announce/2024/NW6MNW34VZ6HDIHH5YFBIJYZJN7FGNAV.html"
+ },
+ {
+ "reference_id": "CVE-2024-24989",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24989"
+ }
+ ],
+ "patches": [],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2024-24990",
+ "aliases": [],
+ "summary": "Use-after-free in HTTP/3",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=1.25.0|<=1.25.3",
+ "fixed_version_range": "vers:nginx/>=1.25.4",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "",
+ "reference_type": "",
+ "url": "https://mailman.nginx.org/pipermail/nginx-announce/2024/NW6MNW34VZ6HDIHH5YFBIJYZJN7FGNAV.html"
+ },
+ {
+ "reference_id": "CVE-2024-24990",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24990"
+ }
+ ],
+ "patches": [],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2022-41741",
+ "aliases": [],
+ "summary": "Memory corruption in the ngx_http_mp4_module",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=1.0.7|<=1.0.15|>=1.1.3|<=1.23.1",
+ "fixed_version_range": "vers:nginx/>=1.22.1|<1.23.0|>=1.23.2",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "",
+ "reference_type": "",
+ "url": "https://mailman.nginx.org/pipermail/nginx-announce/2022/RBRRON6PYBJJM2XIAPQBFBVLR4Q6IHRA.html"
+ },
+ {
+ "reference_id": "CVE-2022-41741",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41741"
+ }
+ ],
+ "patches": [
+ {
+ "patch_url": "https://nginx.org/download/patch.2022.mp4.txt",
+ "patch_text": null,
+ "patch_checksum": null
+ },
+ {
+ "patch_url": "https://nginx.org/download/patch.2022.mp4.txt.asc",
+ "patch_text": null,
+ "patch_checksum": null
+ }
+ ],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2022-41742",
+ "aliases": [],
+ "summary": "Memory disclosure in the ngx_http_mp4_module",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=1.0.7|<=1.0.15|>=1.1.3|<=1.23.1",
+ "fixed_version_range": "vers:nginx/>=1.22.1|<1.23.0|>=1.23.2",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "",
+ "reference_type": "",
+ "url": "https://mailman.nginx.org/pipermail/nginx-announce/2022/RBRRON6PYBJJM2XIAPQBFBVLR4Q6IHRA.html"
+ },
+ {
+ "reference_id": "CVE-2022-41742",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41742"
+ }
+ ],
+ "patches": [
+ {
+ "patch_url": "https://nginx.org/download/patch.2022.mp4.txt",
+ "patch_text": null,
+ "patch_checksum": null
+ },
+ {
+ "patch_url": "https://nginx.org/download/patch.2022.mp4.txt.asc",
+ "patch_text": null,
+ "patch_checksum": null
+ }
+ ],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2021-23017",
+ "aliases": [],
+ "summary": "1-byte memory overwrite in resolver",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=0.6.18|<=1.20.0",
+ "fixed_version_range": "vers:nginx/>=1.20.1|<1.21.0|>=1.21.0",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "",
+ "reference_type": "",
+ "url": "https://mailman.nginx.org/pipermail/nginx-announce/2021/000300.html"
+ },
+ {
+ "reference_id": "CVE-2021-23017",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23017"
+ }
+ ],
+ "patches": [
+ {
+ "patch_url": "https://nginx.org/download/patch.2021.resolver.txt",
+ "patch_text": null,
+ "patch_checksum": null
+ },
+ {
+ "patch_url": "https://nginx.org/download/patch.2021.resolver.txt.asc",
+ "patch_text": null,
+ "patch_checksum": null
+ }
+ ],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2019-9511",
+ "aliases": [],
+ "summary": "Excessive CPU usage in HTTP/2 with small window updates",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=1.9.5|<=1.17.2",
+ "fixed_version_range": "vers:nginx/>=1.16.1|<1.17.0|>=1.17.3",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "",
+ "reference_type": "",
+ "url": "https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html"
+ },
+ {
+ "reference_id": "CVE-2019-9511",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9511"
+ }
+ ],
+ "patches": [],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2019-9513",
+ "aliases": [],
+ "summary": "Excessive CPU usage in HTTP/2 with priority changes",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=1.9.5|<=1.17.2",
+ "fixed_version_range": "vers:nginx/>=1.16.1|<1.17.0|>=1.17.3",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "",
+ "reference_type": "",
+ "url": "https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html"
+ },
+ {
+ "reference_id": "CVE-2019-9513",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9513"
+ }
+ ],
+ "patches": [],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2019-9516",
+ "aliases": [],
+ "summary": "Excessive memory usage in HTTP/2 with zero length headers",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=1.9.5|<=1.17.2",
+ "fixed_version_range": "vers:nginx/>=1.16.1|<1.17.0|>=1.17.3",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "",
+ "reference_type": "",
+ "url": "https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html"
+ },
+ {
+ "reference_id": "CVE-2019-9516",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9516"
+ }
+ ],
+ "patches": [],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2018-16843",
+ "aliases": [],
+ "summary": "Excessive memory usage in HTTP/2",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=1.9.5|<=1.15.5",
+ "fixed_version_range": "vers:nginx/>=1.14.1|<1.15.0|>=1.15.6",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "",
+ "reference_type": "",
+ "url": "https://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html"
+ },
+ {
+ "reference_id": "CVE-2018-16843",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16843"
+ }
+ ],
+ "patches": [],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2018-16844",
+ "aliases": [],
+ "summary": "Excessive CPU usage in HTTP/2",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=1.9.5|<=1.15.5",
+ "fixed_version_range": "vers:nginx/>=1.14.1|<1.15.0|>=1.15.6",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "",
+ "reference_type": "",
+ "url": "https://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html"
+ },
+ {
+ "reference_id": "CVE-2018-16844",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16844"
+ }
+ ],
+ "patches": [],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2018-16845",
+ "aliases": [],
+ "summary": "Memory disclosure in the ngx_http_mp4_module",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=1.0.7|<=1.0.15|>=1.1.3|<=1.15.5",
+ "fixed_version_range": "vers:nginx/>=1.14.1|<1.15.0|>=1.15.6",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "",
+ "reference_type": "",
+ "url": "https://mailman.nginx.org/pipermail/nginx-announce/2018/000221.html"
+ },
+ {
+ "reference_id": "CVE-2018-16845",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16845"
+ }
+ ],
+ "patches": [
+ {
+ "patch_url": "https://nginx.org/download/patch.2018.mp4.txt",
+ "patch_text": null,
+ "patch_checksum": null
+ },
+ {
+ "patch_url": "https://nginx.org/download/patch.2018.mp4.txt.asc",
+ "patch_text": null,
+ "patch_checksum": null
+ }
+ ],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2017-7529",
+ "aliases": [],
+ "summary": "Integer overflow in the range filter",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=0.5.6|<=1.13.2",
+ "fixed_version_range": "vers:nginx/>=1.12.1|<1.13.0|>=1.13.3",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "",
+ "reference_type": "",
+ "url": "https://mailman.nginx.org/pipermail/nginx-announce/2017/000200.html"
+ },
+ {
+ "reference_id": "CVE-2017-7529",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7529"
+ }
+ ],
+ "patches": [
+ {
+ "patch_url": "https://nginx.org/download/patch.2017.ranges.txt",
+ "patch_text": null,
+ "patch_checksum": null
+ },
+ {
+ "patch_url": "https://nginx.org/download/patch.2017.ranges.txt.asc",
+ "patch_text": null,
+ "patch_checksum": null
+ }
+ ],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2016-4450",
+ "aliases": [],
+ "summary": "NULL pointer dereference while writing client request body",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=1.3.9|<=1.11.0",
+ "fixed_version_range": "vers:nginx/>=1.10.1|<1.11.0|>=1.11.1",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "",
+ "reference_type": "",
+ "url": "https://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html"
+ },
+ {
+ "reference_id": "CVE-2016-4450",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4450"
+ }
+ ],
+ "patches": [
+ {
+ "patch_url": "https://nginx.org/download/patch.2016.write.txt",
+ "patch_text": null,
+ "patch_checksum": null
+ },
+ {
+ "patch_url": "https://nginx.org/download/patch.2016.write.txt.asc",
+ "patch_text": null,
+ "patch_checksum": null
+ },
+ {
+ "patch_url": "https://nginx.org/download/patch.2016.write2.txt",
+ "patch_text": null,
+ "patch_checksum": null
+ },
+ {
+ "patch_url": "https://nginx.org/download/patch.2016.write2.txt.asc",
+ "patch_text": null,
+ "patch_checksum": null
+ }
+ ],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2016-0742",
+ "aliases": [],
+ "summary": "Invalid pointer dereference in resolver",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=0.6.18|<=1.9.9",
+ "fixed_version_range": "vers:nginx/>=1.8.1|<1.9.0|>=1.9.10",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "",
+ "reference_type": "",
+ "url": "https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html"
+ },
+ {
+ "reference_id": "CVE-2016-0742",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0742"
+ }
+ ],
+ "patches": [],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2016-0746",
+ "aliases": [],
+ "summary": "Use-after-free during CNAME response processing in resolver",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=0.6.18|<=1.9.9",
+ "fixed_version_range": "vers:nginx/>=1.8.1|<1.9.0|>=1.9.10",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "",
+ "reference_type": "",
+ "url": "https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html"
+ },
+ {
+ "reference_id": "CVE-2016-0746",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0746"
+ }
+ ],
+ "patches": [],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2016-0747",
+ "aliases": [],
+ "summary": "Insufficient limits of CNAME resolution in resolver",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=0.6.18|<=1.9.9",
+ "fixed_version_range": "vers:nginx/>=1.8.1|<1.9.0|>=1.9.10",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "",
+ "reference_type": "",
+ "url": "https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html"
+ },
+ {
+ "reference_id": "CVE-2016-0747",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0747"
+ }
+ ],
+ "patches": [],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2014-3616",
+ "aliases": [],
+ "summary": "SSL session reuse vulnerability",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=0.5.6|<=1.7.4",
+ "fixed_version_range": "vers:nginx/>=1.6.2|<1.7.0|>=1.7.5",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "",
+ "reference_type": "",
+ "url": "https://mailman.nginx.org/pipermail/nginx-announce/2014/000147.html"
+ },
+ {
+ "reference_id": "CVE-2014-3616",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3616"
+ }
+ ],
+ "patches": [],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2014-3556",
+ "aliases": [],
+ "summary": "STARTTLS command injection",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=1.5.6|<=1.7.3",
+ "fixed_version_range": "vers:nginx/>=1.6.1|<1.7.0|>=1.7.4",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "",
+ "reference_type": "",
+ "url": "https://mailman.nginx.org/pipermail/nginx-announce/2014/000144.html"
+ },
+ {
+ "reference_id": "CVE-2014-3556",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3556"
+ }
+ ],
+ "patches": [
+ {
+ "patch_url": "https://nginx.org/download/patch.2014.starttls.txt",
+ "patch_text": null,
+ "patch_checksum": null
+ },
+ {
+ "patch_url": "https://nginx.org/download/patch.2014.starttls.txt.asc",
+ "patch_text": null,
+ "patch_checksum": null
+ }
+ ],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2014-0133",
+ "aliases": [],
+ "summary": "SPDY heap buffer overflow",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=1.3.15|<=1.5.11",
+ "fixed_version_range": "vers:nginx/>=1.4.7|<1.5.0|>=1.5.12",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "",
+ "reference_type": "",
+ "url": "https://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html"
+ },
+ {
+ "reference_id": "CVE-2014-0133",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0133"
+ }
+ ],
+ "patches": [
+ {
+ "patch_url": "https://nginx.org/download/patch.2014.spdy2.txt",
+ "patch_text": null,
+ "patch_checksum": null
+ },
+ {
+ "patch_url": "https://nginx.org/download/patch.2014.spdy2.txt.asc",
+ "patch_text": null,
+ "patch_checksum": null
+ }
+ ],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2014-0088",
+ "aliases": [],
+ "summary": "SPDY memory corruption",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/1.5.10",
+ "fixed_version_range": "vers:nginx/>=1.5.11",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "",
+ "reference_type": "",
+ "url": "https://mailman.nginx.org/pipermail/nginx-announce/2014/000132.html"
+ },
+ {
+ "reference_id": "CVE-2014-0088",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0088"
+ }
+ ],
+ "patches": [
+ {
+ "patch_url": "https://nginx.org/download/patch.2014.spdy.txt",
+ "patch_text": null,
+ "patch_checksum": null
+ },
+ {
+ "patch_url": "https://nginx.org/download/patch.2014.spdy.txt.asc",
+ "patch_text": null,
+ "patch_checksum": null
+ }
+ ],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2013-4547",
+ "aliases": [],
+ "summary": "Request line parsing vulnerability",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=0.8.41|<=1.5.6",
+ "fixed_version_range": "vers:nginx/>=1.4.4|<1.5.0|>=1.5.7",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "",
+ "reference_type": "",
+ "url": "https://mailman.nginx.org/pipermail/nginx-announce/2013/000125.html"
+ },
+ {
+ "reference_id": "CVE-2013-4547",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4547"
+ }
+ ],
+ "patches": [
+ {
+ "patch_url": "https://nginx.org/download/patch.2013.space.txt",
+ "patch_text": null,
+ "patch_checksum": null
+ },
+ {
+ "patch_url": "https://nginx.org/download/patch.2013.space.txt.asc",
+ "patch_text": null,
+ "patch_checksum": null
+ }
+ ],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2013-2070",
+ "aliases": [],
+ "summary": "Memory disclosure with specially crafted HTTP backend responses",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=1.1.4|<=1.2.8|>=1.3.9|<=1.4.0",
+ "fixed_version_range": "vers:nginx/>=1.2.9|<1.3.0|>=1.4.1|<1.5.0|>=1.5.0",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "",
+ "reference_type": "",
+ "url": "https://mailman.nginx.org/pipermail/nginx-announce/2013/000114.html"
+ },
+ {
+ "reference_id": "CVE-2013-2070",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2070"
+ }
+ ],
+ "patches": [
+ {
+ "patch_url": "https://nginx.org/download/patch.2013.chunked.txt",
+ "patch_text": null,
+ "patch_checksum": null
+ },
+ {
+ "patch_url": "https://nginx.org/download/patch.2013.chunked.txt.asc",
+ "patch_text": null,
+ "patch_checksum": null
+ },
+ {
+ "patch_url": "https://nginx.org/download/patch.2013.proxy.txt",
+ "patch_text": null,
+ "patch_checksum": null
+ },
+ {
+ "patch_url": "https://nginx.org/download/patch.2013.proxy.txt.asc",
+ "patch_text": null,
+ "patch_checksum": null
+ }
+ ],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2013-2028",
+ "aliases": [],
+ "summary": "Stack-based buffer overflow with specially crafted request",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=1.3.9|<=1.4.0",
+ "fixed_version_range": "vers:nginx/>=1.4.1|<1.5.0|>=1.5.0",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "",
+ "reference_type": "",
+ "url": "https://mailman.nginx.org/pipermail/nginx-announce/2013/000112.html"
+ },
+ {
+ "reference_id": "CVE-2013-2028",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2028"
+ }
+ ],
+ "patches": [
+ {
+ "patch_url": "https://nginx.org/download/patch.2013.chunked.txt",
+ "patch_text": null,
+ "patch_checksum": null
+ },
+ {
+ "patch_url": "https://nginx.org/download/patch.2013.chunked.txt.asc",
+ "patch_text": null,
+ "patch_checksum": null
+ }
+ ],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2011-4963",
+ "aliases": [],
+ "summary": "Vulnerabilities with Windows directory aliases",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=0.7.52|<=1.3.0",
+ "fixed_version_range": "vers:nginx/>=1.2.1|<1.3.0|>=1.3.1",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "",
+ "reference_type": "",
+ "url": "https://mailman.nginx.org/pipermail/nginx-announce/2012/000086.html"
+ },
+ {
+ "reference_id": "CVE-2011-4963",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4963"
+ }
+ ],
+ "patches": [],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2012-2089",
+ "aliases": [],
+ "summary": "Buffer overflow in the ngx_http_mp4_module",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=1.0.7|<=1.0.14|>=1.1.3|<=1.1.18",
+ "fixed_version_range": "vers:nginx/>=1.0.15|<1.1.0|>=1.1.19",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "",
+ "reference_type": "",
+ "url": "https://mailman.nginx.org/pipermail/nginx-announce/2012/000080.html"
+ },
+ {
+ "reference_id": "CVE-2012-2089",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-2089"
+ }
+ ],
+ "patches": [
+ {
+ "patch_url": "https://nginx.org/download/patch.2012.mp4.txt",
+ "patch_text": null,
+ "patch_checksum": null
+ },
+ {
+ "patch_url": "https://nginx.org/download/patch.2012.mp4.txt.asc",
+ "patch_text": null,
+ "patch_checksum": null
+ }
+ ],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2012-1180",
+ "aliases": [],
+ "summary": "Memory disclosure with specially crafted backend responses",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=0.1.0|<=1.1.16",
+ "fixed_version_range": "vers:nginx/>=1.0.14|<1.1.0|>=1.1.17",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "",
+ "reference_type": "",
+ "url": "https://mailman.nginx.org/pipermail/nginx-announce/2012/000076.html"
+ },
+ {
+ "reference_id": "CVE-2012-1180",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-1180"
+ }
+ ],
+ "patches": [
+ {
+ "patch_url": "https://nginx.org/download/patch.2012.memory.txt",
+ "patch_text": null,
+ "patch_checksum": null
+ },
+ {
+ "patch_url": "https://nginx.org/download/patch.2012.memory.txt.asc",
+ "patch_text": null,
+ "patch_checksum": null
+ }
+ ],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2011-4315",
+ "aliases": [],
+ "summary": "Buffer overflow in resolver",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=0.6.18|<=1.1.7",
+ "fixed_version_range": "vers:nginx/>=1.0.10|<1.1.0|>=1.1.8",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "CVE-2011-4315",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4315"
+ }
+ ],
+ "patches": [],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2010-2266",
+ "aliases": [],
+ "summary": "Vulnerabilities with invalid UTF-8 sequence on Windows",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=0.7.52|<=0.8.40",
+ "fixed_version_range": "vers:nginx/>=0.7.67|<0.9.0",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "CVE-2010-2266",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2266"
+ }
+ ],
+ "patches": [],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2010-2263",
+ "aliases": [],
+ "summary": "Vulnerabilities with Windows file default stream",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=0.7.52|<=0.8.39",
+ "fixed_version_range": "vers:nginx/>=0.7.66|<0.9.0",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "CVE-2010-2263",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2263"
+ }
+ ],
+ "patches": [],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CORE-2010-0121",
+ "aliases": [],
+ "summary": "Vulnerabilities with Windows 8.3 filename pseudonyms",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=0.7.52|<=0.8.32",
+ "fixed_version_range": "vers:nginx/>=0.7.65|<0.9.0",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [],
+ "patches": [],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2009-4487",
+ "aliases": [],
+ "summary": "An error log data are not sanitized",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/*",
+ "fixed_version_range": null,
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "CVE-2009-4487",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-4487"
+ }
+ ],
+ "patches": [],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2009-3555",
+ "aliases": [
+ "VU#120541"
+ ],
+ "summary": "The renegotiation vulnerability in SSL protocol",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=0.1.0|<=0.8.22",
+ "fixed_version_range": "vers:nginx/>=0.7.64|<0.9.0",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "CVE-2009-3555",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555"
+ }
+ ],
+ "patches": [
+ {
+ "patch_url": "https://nginx.org/download/patch.cve-2009-3555.txt",
+ "patch_text": null,
+ "patch_checksum": null
+ },
+ {
+ "patch_url": "https://nginx.org/download/patch.cve-2009-3555.txt.asc",
+ "patch_text": null,
+ "patch_checksum": null
+ }
+ ],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2009-3898",
+ "aliases": [],
+ "summary": "Directory traversal vulnerability",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=0.1.0|<=0.8.16",
+ "fixed_version_range": "vers:nginx/>=0.7.63|<0.9.0",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "CVE-2009-3898",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3898"
+ }
+ ],
+ "patches": [],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2009-2629",
+ "aliases": [
+ "VU#180065"
+ ],
+ "summary": "Buffer underflow vulnerability",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=0.1.0|<=0.8.14",
+ "fixed_version_range": "vers:nginx/>=0.5.38|<0.7.0|>=0.7.62|<0.9.0",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "CVE-2009-2629",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2629"
+ }
+ ],
+ "patches": [
+ {
+ "patch_url": "https://nginx.org/download/patch.180065.txt",
+ "patch_text": null,
+ "patch_checksum": null
+ },
+ {
+ "patch_url": "https://nginx.org/download/patch.180065.txt.asc",
+ "patch_text": null,
+ "patch_checksum": null
+ }
+ ],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ },
+ {
+ "advisory_id": "CVE-2009-3896",
+ "aliases": [],
+ "summary": "Null pointer dereference vulnerability",
+ "affected_packages": [
+ {
+ "package": {
+ "type": "nginx",
+ "namespace": "",
+ "name": "nginx",
+ "version": "",
+ "qualifiers": "",
+ "subpath": ""
+ },
+ "affected_version_range": "vers:nginx/>=0.1.0|<=0.8.13",
+ "fixed_version_range": "vers:nginx/>=0.5.38|<0.7.0|>=0.7.62|<0.9.0",
+ "introduced_by_commit_patches": [],
+ "fixed_by_commit_patches": []
+ }
+ ],
+ "references_v2": [
+ {
+ "reference_id": "CVE-2009-3896",
+ "reference_type": "",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3896"
+ }
+ ],
+ "patches": [
+ {
+ "patch_url": "https://nginx.org/download/patch.null.pointer.txt",
+ "patch_text": null,
+ "patch_checksum": null
+ },
+ {
+ "patch_url": "https://nginx.org/download/patch.null.pointer.txt.asc",
+ "patch_text": null,
+ "patch_checksum": null
+ }
+ ],
+ "severities": [],
+ "date_published": null,
+ "weaknesses": [],
+ "url": "https://nginx.org/en/security_advisories.html"
+ }
+]
\ No newline at end of file
diff --git a/vulnerabilities/tests/test_data/nginx_v2/security_advisories.html b/vulnerabilities/tests/test_data/nginx_v2/security_advisories.html
new file mode 100644
index 000000000..6c4585438
--- /dev/null
+++ b/vulnerabilities/tests/test_data/nginx_v2/security_advisories.html
@@ -0,0 +1,96 @@
+
+nginx security advisoriesnginx security advisories
+All nginx security issues should be reported to
+security-alert@nginx.org.
+
+Patches are signed using one of the
+PGP public keys.
+
+
+Buffer overwrite in HTTP/3
Severity: medium
Advisory
CVE-2024-32760
Not vulnerable: 1.27.0+, 1.26.1+
Vulnerable: 1.25.0-1.25.5, 1.26.0
+
+Stack overflow and use-after-free in HTTP/3
Severity: medium
Advisory
CVE-2024-31079
Not vulnerable: 1.27.0+, 1.26.1+
Vulnerable: 1.25.0-1.25.5, 1.26.0
+
+NULL pointer dereference in HTTP/3
Severity: medium
Advisory
CVE-2024-35200
Not vulnerable: 1.27.0+, 1.26.1+
Vulnerable: 1.25.0-1.25.5, 1.26.0
+
+Memory disclosure in HTTP/3
Severity: medium
Advisory
CVE-2024-34161
Not vulnerable: 1.27.0+, 1.26.1+
Vulnerable: 1.25.0-1.25.5, 1.26.0
+
+NULL pointer dereference in HTTP/3
Severity: major
Advisory
CVE-2024-24989
Not vulnerable: 1.25.4+
Vulnerable: 1.25.3
+
+Use-after-free in HTTP/3
Severity: major
Advisory
CVE-2024-24990
Not vulnerable: 1.25.4+
Vulnerable: 1.25.0-1.25.3
+
+Memory corruption in the ngx_http_mp4_module
Severity: medium
Advisory
CVE-2022-41741
Not vulnerable: 1.23.2+, 1.22.1+
Vulnerable: 1.1.3-1.23.1, 1.0.7-1.0.15
The patch pgp
+
+Memory disclosure in the ngx_http_mp4_module
Severity: medium
Advisory
CVE-2022-41742
Not vulnerable: 1.23.2+, 1.22.1+
Vulnerable: 1.1.3-1.23.1, 1.0.7-1.0.15
The patch pgp
+
+1-byte memory overwrite in resolver
Severity: medium
Advisory
CVE-2021-23017
Not vulnerable: 1.21.0+, 1.20.1+
Vulnerable: 0.6.18-1.20.0
The patch pgp
+
+Excessive CPU usage in HTTP/2 with small window updates
Severity: medium
Advisory
CVE-2019-9511
Not vulnerable: 1.17.3+, 1.16.1+
Vulnerable: 1.9.5-1.17.2
+
+Excessive CPU usage in HTTP/2 with priority changes
Severity: low
Advisory
CVE-2019-9513
Not vulnerable: 1.17.3+, 1.16.1+
Vulnerable: 1.9.5-1.17.2
+
+Excessive memory usage in HTTP/2 with zero length headers
Severity: low
Advisory
CVE-2019-9516
Not vulnerable: 1.17.3+, 1.16.1+
Vulnerable: 1.9.5-1.17.2
+
+Excessive memory usage in HTTP/2
Severity: low
Advisory
CVE-2018-16843
Not vulnerable: 1.15.6+, 1.14.1+
Vulnerable: 1.9.5-1.15.5
+
+Excessive CPU usage in HTTP/2
Severity: low
Advisory
CVE-2018-16844
Not vulnerable: 1.15.6+, 1.14.1+
Vulnerable: 1.9.5-1.15.5
+
+Memory disclosure in the ngx_http_mp4_module
Severity: medium
Advisory
CVE-2018-16845
Not vulnerable: 1.15.6+, 1.14.1+
Vulnerable: 1.1.3-1.15.5, 1.0.7-1.0.15
The patch pgp
+
+Integer overflow in the range filter
Severity: medium
Advisory
CVE-2017-7529
Not vulnerable: 1.13.3+, 1.12.1+
Vulnerable: 0.5.6-1.13.2
The patch pgp
+
+NULL pointer dereference while writing client request body
Severity: medium
Advisory
CVE-2016-4450
Not vulnerable: 1.11.1+, 1.10.1+
Vulnerable: 1.3.9-1.11.0
The patch pgp (for 1.9.13-1.11.0)
The patch pgp (for 1.3.9-1.9.12)
+
+Invalid pointer dereference in resolver
Severity: medium
Advisory
CVE-2016-0742
Not vulnerable: 1.9.10+, 1.8.1+
Vulnerable: 0.6.18-1.9.9
+
+Use-after-free during CNAME response processing in resolver
Severity: medium
Advisory
CVE-2016-0746
Not vulnerable: 1.9.10+, 1.8.1+
Vulnerable: 0.6.18-1.9.9
+
+Insufficient limits of CNAME resolution in resolver
Severity: medium
Advisory
CVE-2016-0747
Not vulnerable: 1.9.10+, 1.8.1+
Vulnerable: 0.6.18-1.9.9
+
+SSL session reuse vulnerability
Severity: medium
Advisory
CVE-2014-3616
Not vulnerable: 1.7.5+, 1.6.2+
Vulnerable: 0.5.6-1.7.4
+
+STARTTLS command injection
Severity: medium
Advisory
CVE-2014-3556
Not vulnerable: 1.7.4+, 1.6.1+
Vulnerable: 1.5.6-1.7.3
The patch pgp
+
+SPDY heap buffer overflow
Severity: major
Advisory
CVE-2014-0133
Not vulnerable: 1.5.12+, 1.4.7+
Vulnerable: 1.3.15-1.5.11
The patch pgp
+
+SPDY memory corruption
Severity: major
Advisory
CVE-2014-0088
Not vulnerable: 1.5.11+
Vulnerable: 1.5.10
The patch pgp
+
+Request line parsing vulnerability
Severity: medium
Advisory
CVE-2013-4547
Not vulnerable: 1.5.7+, 1.4.4+
Vulnerable: 0.8.41-1.5.6
The patch pgp
+
+Memory disclosure with specially crafted HTTP backend responses
Severity: medium
Advisory
CVE-2013-2070
Not vulnerable: 1.5.0+, 1.4.1+, 1.2.9+
Vulnerable: 1.1.4-1.2.8, 1.3.9-1.4.0
The patch pgp (for 1.3.9-1.4.0)
The patch pgp (for 1.1.4-1.2.8)
+
+Stack-based buffer overflow with specially crafted request
Severity: major
Advisory
CVE-2013-2028
Not vulnerable: 1.5.0+, 1.4.1+
Vulnerable: 1.3.9-1.4.0
The patch pgp
+
+Vulnerabilities with Windows directory aliases
Severity: medium
Advisory
CVE-2011-4963
Not vulnerable: 1.3.1+, 1.2.1+
Vulnerable: nginx/Windows 0.7.52-1.3.0
+
+Buffer overflow in the ngx_http_mp4_module
Severity: major
Advisory
CVE-2012-2089
Not vulnerable: 1.1.19+, 1.0.15+
Vulnerable: 1.1.3-1.1.18, 1.0.7-1.0.14
The patch pgp
+
+Memory disclosure with specially crafted backend responses
Severity: major
Advisory
CVE-2012-1180
Not vulnerable: 1.1.17+, 1.0.14+
Vulnerable: 0.1.0-1.1.16
The patch pgp
+
+Buffer overflow in resolver
Severity: medium
CVE-2011-4315
Not vulnerable: 1.1.8+, 1.0.10+
Vulnerable: 0.6.18-1.1.7
+
+Vulnerabilities with invalid UTF-8 sequence on Windows
Severity: major
CVE-2010-2266
Not vulnerable: 0.8.41+, 0.7.67+
Vulnerable: nginx/Windows 0.7.52-0.8.40
+
+Vulnerabilities with Windows file default stream
Severity: major
CVE-2010-2263
Not vulnerable: 0.8.40+, 0.7.66+
Vulnerable: nginx/Windows 0.7.52-0.8.39
+
+Vulnerabilities with Windows 8.3 filename pseudonyms
Severity: major
CORE-2010-0121
Not vulnerable: 0.8.33+, 0.7.65+
Vulnerable: nginx/Windows 0.7.52-0.8.32
+
+An error log data are not sanitized
Severity: none
CVE-2009-4487
Not vulnerable: none
Vulnerable: all
+
+The renegotiation vulnerability in SSL protocol
Severity: major
VU#120541 CVE-2009-3555
Not vulnerable: 0.8.23+, 0.7.64+
Vulnerable: 0.1.0-0.8.22
The patch pgp
+
+Directory traversal vulnerability
Severity: minor
CVE-2009-3898
Not vulnerable: 0.8.17+, 0.7.63+
Vulnerable: 0.1.0-0.8.16
+
+Buffer underflow vulnerability
Severity: major
VU#180065 CVE-2009-2629
Not vulnerable: 0.8.15+, 0.7.62+, 0.6.39+, 0.5.38+
Vulnerable: 0.1.0-0.8.14
The patch pgp
+
+Null pointer dereference vulnerability
Severity: major
CVE-2009-3896
Not vulnerable: 0.8.14+, 0.7.62+, 0.6.39+, 0.5.38+
Vulnerable: 0.1.0-0.8.13
The patch pgp
+
+
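Review bot: The row "Not vulnerable: 0.8.15+, 0.7.62+, 0.6.39+, 0.5.38+" for CVE-2009-2629 is pinned in the expected JSON earlier in this diff as `"fixed_version_range": "vers:nginx/>=0.5.38|<0.7.0|>=0.7.62|<0.9.0"`, which marks 0.6.0–0.6.38 and 0.8.0–0.8.14 as fixed although the page lists no fixed release covering them; the expected ranges for CVE-2009-3896, CVE-2010-2266, CVE-2010-2263 and CORE-2010-0121 widen in the same way. If each "X.Y.Z+" entry is meant to cover only its own branch (an assumption, since the importer code is outside this view), the expected value would be closer to `vers:nginx/>=0.5.38|<0.6.0|>=0.6.39|<0.7.0|>=0.7.62|<0.8.0|>=0.8.15`. The "nginx/Windows" rows and the "Severity:" lines of this fixture are also not reflected in that output (`"qualifiers": ""`, `"severities": []`), so Windows-only issues are recorded against every nginx build and the vendor rating is dropped. Because the test freezes this output, a consumer matching on these ranges could report a vulnerable build as fixed.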
diff --git a/vulnerabilities/tests/test_data/nginx_v2/security_advisories.html.ABOUT b/vulnerabilities/tests/test_data/nginx_v2/security_advisories.html.ABOUT
new file mode 100644
index 000000000..af2a44406
--- /dev/null
+++ b/vulnerabilities/tests/test_data/nginx_v2/security_advisories.html.ABOUT
@@ -0,0 +1,2 @@
+date: 2024-08-09
+download_url: https://nginx.org/en/security_advisories.html