Nginx · Spnego-Http-Auth-Nginx-Module · CVE-2021-21335
**Name of the Vulnerable Software and Affected Versions**
spnego-http-auth-nginx-module versions prior to 1.1.1
**Description**
The issue allows basic authentication to be bypassed using a malformed `username`. This affects users who have enabled basic authentication.
**Recommendations**
For versions prior to 1.1.1, update to version 1.1.1 to resolve the issue.
As a temporary workaround, consider disabling basic authentication until the update is applied.