Has anyone checked if Discourse containers are vulnerable to this rewrite vulnerability?

This is not a Discourse issue and topics regarding it should not be opened here.

We will update our base image our default rewrite rules are not vulnerable

This has now been completed. The base image now includes NGINX 1.30.1 : DEV: bump nginx to v1.30.1 (CVE-2026-42945) (#1054) main ← fitzy/bump-nginx merged 03:50AM - 18 May 26 UTC (UTC) …

Nginx CVE-2026-42945

Supporto

sam (Sam Saffron) 16 Maggio 2026, 2:26am 5

Aggiorneremo la nostra immagine di base: le nostre regole di riscrittura predefinite non sono vulnerabili

Argomento		Risposte	Visualizzazioni
Management of NVTs and CVEs Self-hosting unsupported-install	7	1033	Luglio 25, 2022
Upgrading failing with: The "before-server" Nginx outlet is missing... discourse_docker is not compatible with the chosen Discourse version Support	7	207	Luglio 12, 2025
Nginx version pinning Bug	6	183	Gennaio 29, 2026
Docker installation vulnerable to CVE-2015-8126? Support	3	1049	Novembre 18, 2015
Nginx config in Discourse Docker? Self-hosting	3	3323	Febbraio 10, 2022

Nginx CVE-2026-42945

Argomenti correlati