NGINX.COM

Tag: vulnerability

Trust No One: The Perils of Trusting User Input

Occasionally, we like to highlight interesting or significant security issues that users of NGINX Open Source and NGINX Plus might encounter. Application stacks are complex and it’s very easy to overlook obscure or unexpected ways that common features can be exploited. NGINX and NGINX Plus are a powerful way to both provide access to these features and…

Continue reading ›

Mitigating the HTTPoxy Vulnerability with NGINX

On July 18th, a vulnerability named ‘HTTPoxy’ was announced, affecting some server‑side web applications that run in CGI or CGI‑like environments, such as some FastCGI configurations. Languages known to be affected so far include PHP, Python, and Go. A number of CVEs have been assigned, covering specific languages and CGI implementations: Apache HTTP Server (CVE-2016-5387)…

Continue reading ›

TRY NGINX PLUS!

Download a 30 day free trial and see what you've been missing.

We'll take care of your data.

X

Got a question for the NGINX team?

< back
X

Tags

No More Tags to display