"nginx":"1.26" nginx-1.26.3-2.module+el9+1135+e3626e67
エラータID: AXSA:2026-323:01
nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage.
Security Fix(es):
* nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections (CVE-2026-1642)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2026-1642
A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport Layer Security (TLS) servers. An attacker with a man-in-the-middle (MITM) position on the upstream server side—along with conditions beyond the attacker's control—may be able to inject plain text data into the response from an upstream proxied server. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Modularity name: "nginx"
Stream name: "1.26"
Update packages.
A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport Layer Security (TLS) servers. An attacker with a man-in-the-middle (MITM) position on the upstream server side—along with conditions beyond the attacker's control—may be able to inject plain text data into the response from an upstream proxied server. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
N/A
SRPMS
- nginx-1.26.3-2.module+el9+1135+e3626e67.src.rpm
MD5: 64ded64ecfd3a44c7536f44f63051fce
SHA-256: 5f099e7decbeba6dff1343e7156dbf24fc354951c0421bcab2de3e795ee5cb01
Size: 1.27 MB
Asianux Server 9 for x86_64
- nginx-1.26.3-2.module+el9+1135+e3626e67.x86_64.rpm
MD5: 18ddc2e28ac5966318938c6d1af0b804
SHA-256: c75a0767e12585bd8b193d715458a5e9ee40bb980229d3adc880084472eb7b78
Size: 34.34 kB - nginx-all-modules-1.26.3-2.module+el9+1135+e3626e67.noarch.rpm
MD5: d98e56b391e9f4914424718471746360
SHA-256: 03a807aef1c955a9e6d705ba4df3d60c1d7756e23d11c2744a02e90c4ea2dce6
Size: 6.93 kB - nginx-core-1.26.3-2.module+el9+1135+e3626e67.x86_64.rpm
MD5: b597c1f6e4af28f5d5f701e64f09c135
SHA-256: 8f8a32863fa90aac18dfd3fe6bcfc4e96ea695be55ac67ff0e2b10e01f8031d8
Size: 665.26 kB - nginx-debugsource-1.26.3-2.module+el9+1135+e3626e67.x86_64.rpm
MD5: 62b9a665ad70b7c4e10ebb4a5c5a09d0
SHA-256: 6797ee57e8df5c9e7c729c58eeb95fbdef46a505f4ba2930567707eb20e449c2
Size: 699.19 kB - nginx-filesystem-1.26.3-2.module+el9+1135+e3626e67.noarch.rpm
MD5: 854205d096bfd18ab2333613387bd3cd
SHA-256: 4349acc36e7a0f58bdea11f86fc8e50195ba1c7ed520b25b1fdef97838150f7c
Size: 8.44 kB - nginx-mod-devel-1.26.3-2.module+el9+1135+e3626e67.x86_64.rpm
MD5: aace7e5ea07c50b84059e321d7889fc0
SHA-256: b8bec76150945eb3dedd0cd93aa8d57cd996d27a3870dd0b21ce93506b5163b7
Size: 0.96 MB - nginx-mod-http-image-filter-1.26.3-2.module+el9+1135+e3626e67.x86_64.rpm
MD5: fc8ffe8fcdd321ad855cfd44b37db7f0
SHA-256: adcb7ccf25092019a4c1654b30c092c36fec6a010c42383c01ea6bf5514919dd
Size: 18.57 kB - nginx-mod-http-perl-1.26.3-2.module+el9+1135+e3626e67.x86_64.rpm
MD5: 044c4e88688261b8edf881ebc75f747a
SHA-256: b0de77c3c428e61954f6a25a1b5b7b471ae1007e10f2dfed8b07423bb10129eb
Size: 29.89 kB - nginx-mod-http-xslt-filter-1.26.3-2.module+el9+1135+e3626e67.x86_64.rpm
MD5: 6e881608a3ea43af4d823552a68e5cd7
SHA-256: b418b4aca611d73374449020207d8b319719ac945554fdc8f71b6cd33a7350b9
Size: 17.34 kB - nginx-mod-mail-1.26.3-2.module+el9+1135+e3626e67.x86_64.rpm
MD5: e7a5006a5739888c73dfec163632e963
SHA-256: f92f40c4945602bec073ad6f552e74ea41f09b45308331e009a86c8c501255b3
Size: 51.97 kB - nginx-mod-stream-1.26.3-2.module+el9+1135+e3626e67.x86_64.rpm
MD5: 1d05388e7b03eddb48db0bbb98e61904
SHA-256: 7846c1b6fe1eae42f4c6e8a8bbf5153fd9e241478bc5134ff8bbaa7d9af71962
Size: 83.77 kB