Nginx < 1.30.3 Multiple Vulnerabilities

critical Web App Scanning Plugin ID 115285

Synopsis

Nginx < 1.30.3 Multiple Vulnerabilities

Description

According to its Server response header, the installed version of nginx is prior to 1.30.3 or 1.31.x prior to 1.31.2. It is, therefore, affected by the following issues :

- A Use-After-Free in the ngx_http_v3_module module allows a remote unauthenticated attacker to send a specially crafted HTTP/3 session that reopens a QPACK encoder stream, causing a worker process restart or, on systems with ASLR disabled, arbitrary code execution. (CVE-2026-42530)

- A heap-based buffer overflow in the ngx_http_proxy_v2_module and ngx_http_grpc_module modules allows a remote unauthenticated attacker to send large headers during upstream request creation when proxy_http_version 2 or grpc_pass is used with ignore_invalid_headers off and large_client_header_buffers configured above 2 megabytes, causing a worker process restart or, on systems with ASLR disabled, arbitrary code execution. (CVE-2026-42055)

- A heap buffer over-read (CWE-125) in the ngx_http_charset_module module allows a remote unauthenticated attacker to cause limited memory disclosure or a worker process restart when content is served or proxied through a location block configured with both source_charset utf-8 and a charset conversion directive. (CVE-2026-48142)

Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Nginx version 1.30.3 or later.

See Also

https://my.f5.com/manage/s/article/K000161584

https://my.f5.com/manage/s/article/K000161585

Plugin Details

Severity: Critical

ID: 115285

Type: Version Based

Published: 7/13/2026

Updated: 7/13/2026

Scan Template: api, basic, full, pci, scan

Risk Information

VPR

Risk Factor: High

Score: 7.9

Percentile: 99.36

CVSS v2

Risk Factor: High

Base Score: 7.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2026-42055

CVSS v3

Risk Factor: High

Base Score: 8.1

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS Score Source: CVE-2026-42055

CVSS v4

Risk Factor: Critical

Base Score: 9.2

Vector: CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CVSS Score Source: CVE-2026-42055

Vulnerability Information

CPE: cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 6/16/2026

Reference Information

CVE: CVE-2026-42055, CVE-2026-42530, CVE-2026-48142