https://depthfirst.com/nginx-rift

Reply to https://depthfirst.com/nginx-rift on Thu, 14 May 2026 10:37:27 GMT

aimaz@mstdn.social — Thu, 14 May 2026 10:37:27 GMT

@mcfly if anyone is I’ve made a plugin for gixy-next to check for the rewrite directives that might be an issue.

Stephen Paulger (@aimaz@mstdn.social)

If anyone is worrying about their NGINX configs because of CVE-2026-42945 I’ve made a fork of gixy-next with a plugin to help find rewrite configs that might be a problem. https://github.com/stephenpaulger/Gixy-Next/tree/add-unnamed-group-plugin I’ll send a merge request but in the meantime my fork’s branch might be useful. Obviously, don’t just trust me, review my change, it’s small enough. #nginx #CyberSecurity #cve_2026_42945

Mastodon 🐘 (mstdn.social)

Reply to https://depthfirst.com/nginx-rift on Thu, 14 May 2026 09:52:48 GMT

equinox@chaos.social — Thu, 14 May 2026 09:52:48 GMT

@mcfly

> The bug is reachable only when an unnamed PCRE capture is paired with a replacement string that contains a question mark, followed by a rewrite, if, or set directive in the same scope.

… Gesundheit?

Reply to https://depthfirst.com/nginx-rift on Thu, 14 May 2026 09:49:19 GMT

cy@chaos.social — Thu, 14 May 2026 09:49:19 GMT

@mcfly the vulnerable rewrite looks suspicious even without the flaw