Openresty: >> Lua-Nginx-Module Security Vulnerabilities
An issue in OpenResty lua-nginx-module v.0.10.26 and before allows a remote attacker to conduct HTTP request smuggling via a crafted HEAD request.
CVSS Score
7.7
EPSS Score
0.002
Published
2025-04-22
ngx_http_lua_module (aka lua-nginx-module) before 0.10.16 in OpenResty allows unsafe characters in an argument when using the API to mutate a URI, or a request or response header.
CVSS Score
5.3
EPSS Score
0.002
Published
2021-04-06