nginx to old vulnerability CVE-2025-23419 #4354
Description
Checklist
- Have you pulled and found the error with
jc21/nginx-proxy-manager:latestdocker image?- Yes
- Are you sure you're not using someone else's docker image?
- Yes
- Have you searched for similar issues (both open and closed)?
- Yes
Describe the bug
As visible under https://nginx.org/en/security_advisories.html a newer nginx needed to be installed.
Not vulnerable: 1.27.4+, 1.26.3+
Nginx Proxy Manager Version
Version 2.12.3 (c5a319c) 2025-02-06 10:51:15 UTC, OpenResty 1.25.3.2, debian 12 (bookworm), Certbot certbot 3.0.1
To Reproduce
bash:> docker exec -it nginx_reverse-proxy /bin/bash
#or however the container is named
bash:> nginx -v
nginx version: openresty/1.25.3.2
Expected behavior
nginx-version 1.27.4 or 1.26.3