Details:
nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage.
Security Fix(es):
nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files (CVE-2026-32647)
NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module (CVE-2026-27654)
NGINX: NGINX: Denial of Service due to memory corruption via crafted MP4 file (CVE-2026-27784)
NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled (CVE-2026-27651)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
1:1.24.0-1.module+el9.4.0+24260+3e6db809.41:1.24.0-1.module+el9.4.0+24260+3e6db809.41:1.24.0-1.module+el9.4.0+24260+3e6db809.41:1.24.0-1.module+el9.4.0+24260+3e6db809.41:1.24.0-1.module+el9.4.0+24260+3e6db809.41:1.24.0-1.module+el9.4.0+24260+3e6db809.41:1.24.0-1.module+el9.4.0+24260+3e6db809.41:1.24.0-1.module+el9.4.0+24260+3e6db809.41:1.24.0-1.module+el9.4.0+24260+3e6db809.41:1.24.0-1.module+el9.4.0+24260+3e6db809.4Exploitability
AV:NAC:LPR:NUI:NScope
S:UImpact
C:NI:LA:H8.2/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H