Ubuntu 25.04: nginx Important Method Info Exposure Vulnerability USN-7715-1
ubuntu
August 25, 2025
nginx could be made to expose sensitive information over the network.
Summary
nginx could be made to expose sensitive information over the
network.
Software Description:
- nginx: small, powerful, scalable web/proxy server
Details:
It was discovered that the nginx ngx_mail_smtp_module module incorrectly
handled certain memory operations when doing SMTP authentication. This
could possibly result in sensitive information being sent to the
authentication server.
Topics Covered
Update Instructions
The problem can be corrected by updating your system to the following package versions: Ubuntu 25.04 nginx 1.26.3-2ubuntu1.2 nginx-core 1.26.3-2ubuntu1.2 nginx-extras 1.26.3-2ubuntu1.2 nginx-full 1.26.3-2ubuntu1.2 nginx-light 1.26.3-2ubuntu1.2 Ubuntu 24.04 LTS nginx 1.24.0-2ubuntu7.5 nginx-core 1.24.0-2ubuntu7.5 nginx-extras 1.24.0-2ubuntu7.5 nginx-full 1.24.0-2ubuntu7.5 nginx-light 1.24.0-2ubuntu7.5 Ubuntu 22.04 LTS nginx 1.18.0-6ubuntu14.7 nginx-core 1.18.0-6ubuntu14.7 nginx-full 1.18.0-6ubuntu14.7 nginx-light 1.18.0-6ubuntu14.7 In general, a standard system update will make all the necessary changes.
References
https://ubuntu.com/security/notices/USN-7715-1
CVE-2025-53859
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Ubuntu Security Notice USN-7715-1
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!