Количество 5
Количество 5
CVE-2026-28755
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_stream_ssl_module module due to the improper handling of revoked certificates when configured with the ssl_verify_client on and ssl_ocsp on directives, allowing the TLS handshake to succeed even after an OCSP check identifies the certificate as revoked. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVE-2026-28755
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_stream_ssl_module module due to the improper handling of revoked certificates when configured with the ssl_verify_client on and ssl_ocsp on directives, allowing the TLS handshake to succeed even after an OCSP check identifies the certificate as revoked. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVE-2026-28755
NGINX ngx_stream_ssl_module vulnerability
CVE-2026-28755
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_strea ...
GHSA-hgfr-jmpr-2p89
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_stream_ssl_module module due to the improper handling of revoked certificates when configured with the ssl_verify_client on and ssl_ocsp on directives, allowing the TLS handshake to succeed even after an OCSP check identifies the certificate as revoked. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2026-28755 NGINX Plus and NGINX Open Source have a vulnerability in the ngx_stream_ssl_module module due to the improper handling of revoked certificates when configured with the ssl_verify_client on and ssl_ocsp on directives, allowing the TLS handshake to succeed even after an OCSP check identifies the certificate as revoked. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | CVSS3: 5.4 | 0% Низкий | 7 дней назад |
 | CVE-2026-28755 NGINX Plus and NGINX Open Source have a vulnerability in the ngx_stream_ssl_module module due to the improper handling of revoked certificates when configured with the ssl_verify_client on and ssl_ocsp on directives, allowing the TLS handshake to succeed even after an OCSP check identifies the certificate as revoked. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | CVSS3: 5.4 | 0% Низкий | 7 дней назад |
 | CVE-2026-28755 NGINX ngx_stream_ssl_module vulnerability | CVSS3: 5.4 | 0% Низкий | 5 дней назад |
| CVE-2026-28755 NGINX Plus and NGINX Open Source have a vulnerability in the ngx_strea ... | CVSS3: 5.4 | 0% Низкий | 7 дней назад |
| GHSA-hgfr-jmpr-2p89 NGINX Plus and NGINX Open Source have a vulnerability in the ngx_stream_ssl_module module due to the improper handling of revoked certificates when configured with the ssl_verify_client on and ssl_ocsp on directives, allowing the TLS handshake to succeed even after an OCSP check identifies the certificate as revoked. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | CVSS3: 5.4 | 0% Низкий | 7 дней назад |
Уязвимостей на страницу