Openresty Lua-Nginx-Module vulnerabilities
2 known vulnerabilities affecting openresty/lua-nginx-module.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2024-33452HIGHCVSS 7.7≤ 0.10.262025-04-22
CVE-2024-33452 [HIGH] CWE-444 CVE-2024-33452: An issue in OpenResty lua-nginx-module v.0.10.26 and before allows a remote attacker to conduct HTTP
An issue in OpenResty lua-nginx-module v.0.10.26 and before allows a remote attacker to conduct HTTP request smuggling via a crafted HEAD request.
nvd
CVE-2020-36309MEDIUMCVSS 5.3fixed in 0.10.162021-04-06
CVE-2020-36309 [MEDIUM] CVE-2020-36309: ngx_http_lua_module (aka lua-nginx-module) before 0.10.16 in OpenResty allows unsafe characters in a
ngx_http_lua_module (aka lua-nginx-module) before 0.10.16 in OpenResty allows unsafe characters in an argument when using the API to mutate a URI, or a request or response header.
nvd