nginx is vulnerable to access restriction bypass. The vulnerability exists because TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates which allows an attacker to gain access to the system and perform unauthorized actions.
git://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2021-3618
alpaca-attack.com/
bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
bugzilla.redhat.com/show_bug.cgi?id=1975623
github.com/nginx/nginx/commit/173f16f736c10eae46cd15dd861b04b82d91a37a
lists.debian.org/debian-lts-announce/2022/11/msg00031.html
ubuntu.com/security/CVE-2021-3618