openresty/lua-nginx-module
GitHub
Releases380
Frequency2 weeks 1 day
Last Release
Stars11.8K
Embed the Power of Lua into NGINX HTTP servers
CVE History
| CVE | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|
| 5.3 MEDIUM | 5 MEDIUM | ||
ngx_http_lua_module (aka lua-nginx-module) before 0.10.16 in OpenResty allows unsafe characters in an argument when using the API to mutate a URI, or a request or response header. | |||
| 7.5 HIGH | 5 MEDIUM | ||
An issue was discovered in OpenResty before 1.15.8.4. ngx_http_lua_subrequest.c allows HTTP request smuggling, as demonstrated by the ngx.location.capture API. | |||