Analyzed
3 days
ago.
based on code collected
19 days
ago.
Project Summary
NGINX [Engine-X] is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server written by Igor Sysoev. It has been running on many heavily loaded sites, including Facebook, Zappos, Groupon, LivingSocial, Hulu, TechCrunch, Dropbox, Tumblr and WordPress.
In a Nutshell, nginx...
- ...
- ...
-
...
has a well established, mature codebase
maintained by a large development team
with decreasing Y-O-Y commits -
...
took an estimated 66 years of effort (COCOMO model)
starting with its first commit in August, 2002
ending with its most recent commit 5 months ago
BSD 2-clause "Simplified" License
Permitted
Commercial Use
Modify
Distribute
Place Warranty
Forbidden
Hold Liable
Required
Include Copyright
Include License
These details are provided for information only. No information here is legal advice and should not be used as such.
Project Security
Vulnerabilities per Version ( last 10 releases )
Project Vulnerability Report
Security Confidence Index
Poor security track-record
Favorable security track-record
Vulnerability Exposure Index
Many reported vulnerabilities
Few reported vulnerabilities
Did You Know...
-
...
nearly 1 in 3 companies have no process for identifying, tracking, or remediating known open source vulnerabilities
-
...
compare projects before you chose one to use
-
...
there are over 3,000 projects on the Open Hub with security vulnerabilities reported against them
-
...
check out hot projects on the Open Hub
30 Day SummaryOct 30 2025 — Nov 29 2025
|
12 Month SummaryNov 29 2024 — Nov 29 2025
|
Static Analysis ( Generated by Coverity Scan for nginx )
Repository URL: http://hg.nginx.org/nginx-tests
Version: tip
- 2025-12-15
- Last Analyzed
- 790,974
- Lines of Code Analyze
- 0.01
- Defect Density
Defects by status for current build
- 274
- Total defects
- 6
- Outstanding
- 142
- Fixed
CWE Top 25 defects
| ID | CWE-Name | Number of Defects |
|---|---|---|
| 190 | Integer Overflow or Wraparound | 1 |