{ "schema_version": "1.7.0", "id": "RHSA-2026:6923", "related": [], "upstream": [ "CVE-2026-27651", "CVE-2026-27654", "CVE-2026-27784", "CVE-2026-32647" ], "published": "2026-04-08T10:09:01Z", "modified": "2026-04-09T10:11:36Z", "summary": "Red Hat Security Advisory: nginx:1.24 security update", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "affected": [ { "package": { "name": "nginx", "ecosystem": "Red Hat:enterprise_linux:9::appstream", "purl": "pkg:rpm/redhat/nginx" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "nginx-all-modules", "ecosystem": "Red Hat:enterprise_linux:9::appstream", "purl": "pkg:rpm/redhat/nginx-all-modules" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "nginx-core", "ecosystem": "Red Hat:enterprise_linux:9::appstream", "purl": "pkg:rpm/redhat/nginx-core" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "nginx-core-debuginfo", "ecosystem": "Red Hat:enterprise_linux:9::appstream", "purl": "pkg:rpm/redhat/nginx-core-debuginfo" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "nginx-debuginfo", "ecosystem": "Red Hat:enterprise_linux:9::appstream", "purl": "pkg:rpm/redhat/nginx-debuginfo" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "nginx-debugsource", "ecosystem": "Red Hat:enterprise_linux:9::appstream", "purl": "pkg:rpm/redhat/nginx-debugsource" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "nginx-filesystem", "ecosystem": "Red Hat:enterprise_linux:9::appstream", "purl": "pkg:rpm/redhat/nginx-filesystem" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "nginx-mod-devel", "ecosystem": "Red Hat:enterprise_linux:9::appstream", "purl": "pkg:rpm/redhat/nginx-mod-devel" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "nginx-mod-http-image-filter", "ecosystem": "Red Hat:enterprise_linux:9::appstream", "purl": "pkg:rpm/redhat/nginx-mod-http-image-filter" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "nginx-mod-http-image-filter-debuginfo", "ecosystem": "Red Hat:enterprise_linux:9::appstream", "purl": "pkg:rpm/redhat/nginx-mod-http-image-filter-debuginfo" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "nginx-mod-http-perl", "ecosystem": "Red Hat:enterprise_linux:9::appstream", "purl": "pkg:rpm/redhat/nginx-mod-http-perl" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "nginx-mod-http-perl-debuginfo", "ecosystem": "Red Hat:enterprise_linux:9::appstream", "purl": "pkg:rpm/redhat/nginx-mod-http-perl-debuginfo" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "nginx-mod-http-xslt-filter", "ecosystem": "Red Hat:enterprise_linux:9::appstream", "purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "nginx-mod-http-xslt-filter-debuginfo", "ecosystem": "Red Hat:enterprise_linux:9::appstream", "purl": "pkg:rpm/redhat/nginx-mod-http-xslt-filter-debuginfo" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "nginx-mod-mail", "ecosystem": "Red Hat:enterprise_linux:9::appstream", "purl": "pkg:rpm/redhat/nginx-mod-mail" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "nginx-mod-mail-debuginfo", "ecosystem": "Red Hat:enterprise_linux:9::appstream", "purl": "pkg:rpm/redhat/nginx-mod-mail-debuginfo" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "nginx-mod-stream", "ecosystem": "Red Hat:enterprise_linux:9::appstream", "purl": "pkg:rpm/redhat/nginx-mod-stream" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "nginx-mod-stream-debuginfo", "ecosystem": "Red Hat:enterprise_linux:9::appstream", "purl": "pkg:rpm/redhat/nginx-mod-stream-debuginfo" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:1.24.0-5.module+el9.7.0+24151+c43a3acf.2" } ], "type": "ECOSYSTEM" } ] } ], "references": [ { "type": "ADVISORY", "url": "https://access.redhat.com/errata/RHSA-2026:6923" }, { "type": "ARTICLE", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449598" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450776" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450785" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450791" }, { "type": "ADVISORY", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_6923.json" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-27651" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-27651" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27651" }, { "type": "ARTICLE", "url": "https://my.f5.com/manage/s/article/K000160383" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-27654" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-27654" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27654" }, { "type": "ARTICLE", "url": "https://my.f5.com/manage/s/article/K000160382" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-27784" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-27784" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27784" }, { "type": "ARTICLE", "url": "https://my.f5.com/manage/s/article/K000160364" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-32647" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-32647" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32647" }, { "type": "ARTICLE", "url": "https://my.f5.com/manage/s/article/K000160366" } ] }