Change8

release-1.30.1

📦 nginxView on GitHub →
🐛 6 fixes🔧 5 symbols

Summary

Nginx version 1.30.1 is a stable release focused entirely on patching multiple critical security vulnerabilities across various modules and protocols.

🐛 Bug Fixes

  • Fixed HTTP/2 request injection vulnerability in the ngx_http_proxy_module (CVE-2026-42926).
  • Fixed buffer overflow vulnerability in the ngx_http_rewrite_module (CVE-2026-42945).
  • Fixed buffer overread vulnerabilities in the ngx_http_scgi_module and ngx_http_uwsgi_module (CVE-2026-42946).
  • Fixed buffer overread vulnerability in the ngx_http_charset_module (CVE-2026-42934).
  • Fixed address spoofing vulnerability in HTTP/3 (CVE-2026-40460).
  • Fixed use-after-free vulnerability in OCSP requests to resolver (CVE-2026-40701).

Affected Symbols

ngx_http_proxy_modulengx_http_rewrite_modulengx_http_scgi_modulengx_http_uwsgi_modulengx_http_charset_module