Bitnami package
openresty
pkg:bitnami/openresty
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-33452 | — | < 1.25.3 | 1.25.3 | Apr 22, 2025 | An issue in OpenResty lua-nginx-module v.0.10.26 and before allows a remote attacker to conduct HTTP request smuggling via a crafted HEAD request. | ||
| CVE-2020-36309 | — | < 0.10.16 | 0.10.16 | Apr 6, 2021 | ngx_http_lua_module (aka lua-nginx-module) before 0.10.16 in OpenResty allows unsafe characters in an argument when using the API to mutate a URI, or a request or response header. |
- CVE-2024-33452Apr 22, 2025affected < 1.25.3fixed 1.25.3
An issue in OpenResty lua-nginx-module v.0.10.26 and before allows a remote attacker to conduct HTTP request smuggling via a crafted HEAD request.
- CVE-2020-36309Apr 6, 2021affected < 0.10.16fixed 0.10.16
ngx_http_lua_module (aka lua-nginx-module) before 0.10.16 in OpenResty allows unsafe characters in an argument when using the API to mutate a URI, or a request or response header.