[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-UBUNTU-CVE-2026-42055":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-21T07:39:11.499Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":16,"duplicates":17,"related":18,"reserved_at":9,"published_at":19,"modified_at":20,"state":9,"summary":21,"references_raw":23,"kevs":50,"epss":9,"epss_history":51,"metrics":52,"affected":53},"UBUNTU-CVE-2026-42055","NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_proxy_v2_module and ngx_http_grpc_module modules. This vulnerability exists when the proxy_http_version to 2 or grpc_pass directives are used to proxy HTTP/2 traffic, the ignore_invalid_headers directive is set to off, and the large_client_header_buffers directive size is larger than 2 megabytes. A remote, unauthenticated attacker, along with conditions beyond their control, could send large headers while creating an upstream request. This may cause a heap-based buffer overflow in the NGINX worker process leading to a restart. Additionally, attackers can execute code on systems with Address Space Layout Randomization (ASLR) disabled or when the attacker can bypass ASLR. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.",null,[],[],[],[14],{"_key":15},"CVE-2026-42055",[],[],[],"2026-06-19T00:00:00Z","2026-06-19T18:00:08.140073572Z",{"cisa_kev":22,"cisa_ransomware":22,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[24,30,34,38,42,46],{"url":25,"sources":26,"tags":28},"https://ubuntu.com/security/CVE-2026-42055",[27],"osv_ubuntu",[29],"REPORT",{"url":31,"sources":32,"tags":33},"https://www.cve.org/CVERecord?id=CVE-2026-42055",[27],[29],{"url":35,"sources":36,"tags":37},"https://my.f5.com/manage/s/article/K000161584",[27],[29],{"url":39,"sources":40,"tags":41},"https://github.com/nginx/nginx/commit/58a7bc3406ac8b9dc0e0afafc69ba42df56009e3",[27],[29],{"url":43,"sources":44,"tags":45},"https://github.com/nginx/nginx/commit/26d824ec3a2f819300edce0ab3b055751c9843ff",[27],[29],{"url":47,"sources":48,"tags":49},"https://github.com/nginx/nginx/commit/131be8514da8985b15b74150521afedbf9cc4ea3",[27],[29],[],[],[],[54],{"ecosystem":55,"name":56,"vendor":57,"product":56,"cpe_part":9,"purl_type":58,"purl_namespace":57,"purl_name":56,"source":9,"versions":59},"Ubuntu","nginx","ubuntu","deb",[60,64,65,66,67],{"version":61,"is_range":62,"range_type":63,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"all",true,"ecosystem",{"version":61,"is_range":62,"range_type":63,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":61,"is_range":62,"range_type":63,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":61,"is_range":62,"range_type":63,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":61,"is_range":62,"range_type":63,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9}]