"nginx":"1.24" nginx-1.24.0-5.module+el9+1132+cdc99210.1.ML.1
エラータID: AXSA:2026-260:01
nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage.
Security Fix(es):
* nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections (CVE-2026-1642)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2026-1642
A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport Layer Security (TLS) servers. An attacker with a man-in-the-middle (MITM) position on the upstream server side—along with conditions beyond the attacker's control—may be able to inject plain text data into the response from an upstream proxied server. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Modularity name: "nginx"
Stream name: "1.24"
Update packages.
A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport Layer Security (TLS) servers. An attacker with a man-in-the-middle (MITM) position on the upstream server side—along with conditions beyond the attacker's control—may be able to inject plain text data into the response from an upstream proxied server. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
N/A
SRPMS
- nginx-1.24.0-5.module+el9+1132+cdc99210.1.ML.1.src.rpm
MD5: 24392a1b34f16e3339ee71685ddce6b7
SHA-256: 6aaaec26a55dde2dcb9adc12fbbdf7e6a80ad7b4ffc1e2036ac072ea930a8539
Size: 1.13 MB
Asianux Server 9 for x86_64
- nginx-1.24.0-5.module+el9+1132+cdc99210.1.ML.1.x86_64.rpm
MD5: b3d0d2ea9bcfd7b96f149efe96a1ddd0
SHA-256: 23d1b5ff97a74abd1c85455a5c4ad18237a568dbf59bf6fbe60d9bde72fe1242
Size: 35.99 kB - nginx-all-modules-1.24.0-5.module+el9+1132+cdc99210.1.ML.1.noarch.rpm
MD5: 0704959df178b5be7839c73c2f867433
SHA-256: 6a9b01c3aeef6b9242e4059dd6b6311c65f119ce99ac3eb50fab830e32275809
Size: 7.47 kB - nginx-core-1.24.0-5.module+el9+1132+cdc99210.1.ML.1.x86_64.rpm
MD5: 6414d650b35a506227c3b8ed3bb582dd
SHA-256: 6f11695fdcf78278b300482bc712f87c8ab08f03d39be5f9acae35969c830676
Size: 582.67 kB - nginx-debugsource-1.24.0-5.module+el9+1132+cdc99210.1.ML.1.x86_64.rpm
MD5: 833a86b4d4e2f8b7bf16f5b67fac0d34
SHA-256: 82236d33b95490b6004c4b1f62f8d28f1f401c5f27b89aefed1f5ca68e08043b
Size: 616.19 kB - nginx-filesystem-1.24.0-5.module+el9+1132+cdc99210.1.ML.1.noarch.rpm
MD5: 822bc1bd48bd8f497e0320b0baf4ead1
SHA-256: d0de673e7d02d25d6df2612c2652823a96e6ae35d9b2319f31d033c5e65ed2f6
Size: 8.42 kB - nginx-mod-devel-1.24.0-5.module+el9+1132+cdc99210.1.ML.1.x86_64.rpm
MD5: d3f00129e555e0ff8cad09a32e7aed86
SHA-256: 40931f9a30c9a1839be836046ed189ff06fa4e9c1ecbe7a9af63848fe389aca6
Size: 881.17 kB - nginx-mod-http-image-filter-1.24.0-5.module+el9+1132+cdc99210.1.ML.1.x86_64.rpm
MD5: cfaf4af4243430d69094f8bc2fad4da5
SHA-256: b345218a2fefc95fd8ecbc9b15593370660d4ecbd198cde64ff42fd7721e4f29
Size: 19.16 kB - nginx-mod-http-perl-1.24.0-5.module+el9+1132+cdc99210.1.ML.1.x86_64.rpm
MD5: 503d71332d21058af8135a952a226718
SHA-256: fbbcc18aaf43019d753dd869598f3b8cb9ab7cdd8027ecd9a40867ef74a677f8
Size: 30.43 kB - nginx-mod-http-xslt-filter-1.24.0-5.module+el9+1132+cdc99210.1.ML.1.x86_64.rpm
MD5: 0e295c21ce694f3704b613b08743ea5d
SHA-256: b88dd79e7a1ec893e131a6db08a2b4db054d5fa2b0902377c409b37096be919f
Size: 17.83 kB - nginx-mod-mail-1.24.0-5.module+el9+1132+cdc99210.1.ML.1.x86_64.rpm
MD5: 71063b2e3d44c310ee9e2f694e6d4d3c
SHA-256: 0cbad4706db68a903c136ae4aee02b1fdf150646c3179445bf342f9bf2782d7d
Size: 52.69 kB - nginx-mod-stream-1.24.0-5.module+el9+1132+cdc99210.1.ML.1.x86_64.rpm
MD5: c57fc2104e08e5cef27ae3f4b42ffcf4
SHA-256: 84bb64029dba6b05d715eb4579da08df5529d7d39731075d3ed16511fc71f237
Size: 79.37 kB