Your submission was sent successfully! Close

CVE-2011-4968

Published: 19 November 2019

nginx http proxy module does not verify peer identity of https origin server which could facilitate man-in-the-middle attack (MITM)

Priority

Low

CVSS 3 base score: 4.8

Status

Package Release Status
nginx
Launchpad, Ubuntu, Debian
Upstream
Released (1.7.0)
Ubuntu 14.04 ESM (Trusty Tahr) Ignored
(see notes)
Patches:
Upstream: http://trac.nginx.org/nginx/changeset/060c2e692b96a150b584b8e30d596be1f2defa9c/nginx