8.8

CVE-2026-27654

Medienbericht

NGINX ngx_http_dav_module vulnerability

NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_dav_module module that might allow an attacker to trigger a buffer overflow to the NGINX worker process; this vulnerability may result in termination of the NGINX worker process or modification of source or destination file names outside the document root. This issue affects NGINX Open Source and NGINX Plus when the configuration file uses DAV module MOVE or COPY methods, prefix location (nonregular expression location configuration), and alias directives. The integrity impact is constrained because the NGINX worker process user has low privileges and does not have access to the entire system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
F5Nginx Plus Versionr32 Updatep1
F5Nginx Plus Versionr32 Updatep2
F5Nginx Plus Versionr32 Updatep3
F5Nginx Plus Versionr32 Updatep4
F5Nginx Plus Versionr33
F5Nginx Plus Versionr33 Updatep1
F5Nginx Plus Versionr33 Updatep2
F5Nginx Plus Versionr33 Updatep3
F5Nginx Plus Versionr34
F5Nginx Plus Versionr34 Updatep1
F5Nginx Plus Versionr34 Updatep2
F5Nginx Plus Versionr35
F5Nginx Plus Versionr35 Updatep1
F5Nginx Plus Versionr36
F5Nginx Plus Versionr36 Updatep1
F5Nginx Plus Versionr36 Updatep2
F5Nginx Open Source Version >= 0.5.13 <= 0.9.7
F5Nginx Open Source Version >= 1.0.0 < 1.28.3
F5Nginx Open Source Version >= 1.29.0 < 1.29.7
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 21.62% 0.973
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
f5sirt@f5.com 8.8 0 0
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
f5sirt@f5.com 8.2 3.9 4.2
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
0b0ca135-0b70-47e7-9f44-1890c2a1c46c 8.2 3.9 4.2
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.

CWE-122 Heap-based Buffer Overflow

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
VulnDex Intel
Media Report
27.04.2026 17:36
https://my.f5.com/manage/s/article/K000160382
Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:10065
https://access.redhat.com/errata/RHSA-2026:13634
https://access.redhat.com/errata/RHSA-2026:13680
https://access.redhat.com/errata/RHSA-2026:13839
https://access.redhat.com/errata/RHSA-2026:14836
https://access.redhat.com/errata/RHSA-2026:15942
https://access.redhat.com/errata/RHSA-2026:15943
https://access.redhat.com/errata/RHSA-2026:15945
https://access.redhat.com/errata/RHSA-2026:15966
https://access.redhat.com/errata/RHSA-2026:6906
https://access.redhat.com/errata/RHSA-2026:6907
https://access.redhat.com/errata/RHSA-2026:6923
https://access.redhat.com/errata/RHSA-2026:7002
https://access.redhat.com/errata/RHSA-2026:7343
https://access.redhat.com/errata/RHSA-2026:8346
https://access.redhat.com/security/cve/CVE-2026-27654
https://bugzilla.redhat.com/show_bug.cgi?id=2450776
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-27654.json