Skip to content

NGINX Node Artifact Versions and Changelog

This document lists available versions of the NGINX Wallarm Node 5.x in various form factors, helping you track releases and plan upgrades.

All-in-one installer

Since version 4.10, installation and upgrading of Wallarm nodes is performed only with all all-in-one installer. Manual upgrade with individual Linux packages is not supported any more.

History of all-in-one installer updates simultaneously applies to it's x86_64 and ARM64 (beta) versions.

How to migrate from DEB/RPM packages

How to migrate from previous all-in-one installer version

5.3.16 (2025-06-23)

5.3.15 (2025-06-04)

  • Fixed the CVE-2025-47273 vulnerability

  • Removed support for the WALLARM_ATTACKS_DETAILED_EXPORT environment variable which has been used to disable exporting full attack data to Wallarm Cloud

5.3.14 (2025-05-26)

  • Added support for the WALLARM_ATTACKS_DETAILED_EXPORT environment variable to optionally disable exporting full attack data to Wallarm Cloud

    This is intended for environments with strict data protection requirements.

5.3.13 (2025-04-29)

  • Added support for NGINX stable 1.28.0

  • Added support for NGINX mainline 1.27.5

5.3.12 (2025-04-24)

  • The number of specification violations that can be detected in a single request during API Specification Enforcement is limited to 3 to provide sufficient insight into policy violations while maintaining optimal Node performance

    If needed, you can adjust the value.

  • Fixed the CVE-2024-56406, CVE-2025-31115, CVE-2025-22871 vulnerabilities

5.3.11 (2025-04-03)

5.3.10 (2025-03-10)

5.3.8 (2025-02-18)

5.3.7 (2025-02-04)

5.3.0 (2025-01-29)

  • Added support for response parameters in API Sessions for providing the full context of user activities and more precise session grouping (see detailed change description)

  • Added a full-fledged GraphQL parser (see detailed change description) that allows:

    • Improved detection of the input validation attacks in GraphQL-specific request points
    • Fine-tuning attack detection for specific GraphQL points (e.g. disable detection of specific attack types in specific points)
    • Analyzing specific parts of GraphQL requests in API sessions

  • Return RPS and request amount per hosts and origins for Security Edge Inline

  • Fixed invalid time value in serialized requests to properly display the resource overlimit attacks

5.2.11 (2024-12-25)

  • Added support for NGINX Mainline v1.27.2 and 1.27.3

  • Added support for NGINX Plus R33

  • Added support for sensitive business flows in API Discovery and API Sessions

  • Resolved the CVE-2024-45337 and CVE-2024-45338 vulnerabilities

  • Fixed an issue where some requests were processed unsuccessfully, potentially affecting API Sessions, Credential Stuffing, and API Abuse Prevention

5.2.1 (2024-12-07)

  • New $wallarm_attack_point_list and $wallarm_attack_stamp_list variables for extended logging

    These variables log request points containing malicious payloads and attack sign IDs, thereby enabling advanced debugging of Node behavior.

  • Minor bug fixes

5.1.1 (2024-11-08)

  • Fixed some bugs in the wallarm-status service operation

5.1.0 (2024-11-06)

  • Added support for API Sessions

  • Improved limiting request processing time

  • Reduced memory usage during node registration

5.0.3 (2024-10-10)

5.0.2 (2024-09-18)

  • Fixed installation failure issue when no WAAP + API Security subscription is activated

  • Fixed delays in attack export

5.0.1 (2024-08-21)

  • Initial release 5.0, see changelog

  • Added support for NGINX v1.26.2 stable

Helm chart for Wallarm NGINX Ingress controller

How to upgrade

5.3.16 (2025-06-23)

5.3.15 (2025-06-04)

5.3.14 (2025-04-25)

  • The number of specification violations that can be detected in a single request during API Specification Enforcement is limited to 3 to provide sufficient insight into policy violations while maintaining optimal Node performance

    If needed, you can adjust the value.

  • Added the validation.enableCel parameter to enable validation of Ingress resources via Validating Admission Policies

5.3.13 (2025-04-24)

5.3.12 (2025-04-03)

5.3.11 (2025-03-26)

  • Upgraded to Community Ingress NGINX Controller version 1.11.5, aligning with the upstream Helm chart version 4.11.5

  • Fixed the critical CVE-2025-1974 vulnerability due to the upstream upgrade

5.3.10 (2025-03-10)

5.3.8 (2025-02-17)

5.3.7 (2025-02-10)

  • Fix for the invalid_xml attack detection in responses

  • Minor GraphQL parser fixes

5.3.0 (2025-01-29)

  • Added support for response parameters in API Sessions for providing the full context of user activities and more precise session grouping (see detailed change description)

  • Added a full-fledged GraphQL parser (see detailed change description) that allows:

    • Improved detection of the input validation attacks in GraphQL-specific request points
    • Fine-tuning attack detection for specific GraphQL points (e.g. disable detection of specific attack types in specific points)
    • Analyzing specific parts of GraphQL requests in API sessions

  • Fixed invalid time value in serialized requests to properly display the resource overlimit attacks

5.2.12 (2025-01-08)

5.2.11 (2024-12-27)

  • Added support for sensitive business flows in API Discovery and API Sessions

  • Resolved the CVE-2024-45337 and CVE-2024-45338 vulnerabilities

  • Fixed an issue where some requests were processed unsuccessfully, potentially affecting API Sessions, Credential Stuffing, and API Abuse Prevention

5.2.2 (2024-12-11)

5.2.1 (2024-12-07)

  • Upgraded to Community Ingress NGINX Controller version 1.11.5, aligning with the upstream Helm chart version 4.11.5

  • Breaking changes introduced by the Community Ingress NGINX Controller upgrade:

    • Discontinued support for Opentracing and Zipkin modules, now only supporting Opentelemetry
    • Dropped support for PodSecurityPolicy

  • Compatibility extended up to Kubernetes version 1.30

  • Updated to NGINX 1.25.5

  • Minor bug fixes

5.1.1 (2024-11-14)

  • Fixed the GHSA-c5pj-mqfh-rvc3 vulnerability

  • Fixed some bugs in the wallarm-status service operation

5.1.0 (2024-11-06)

  • Added support for API Sessions

  • Improved limiting request processing time

  • Reduced memory usage during node registration

  • Added new settings for API Specification Enforcement:

    • readBufferSize
    • writeBufferSize
    • maxRequestBodySize
    • disableKeepalive
    • maxConnectionsPerIp
    • maxRequestsPerConnection

    See descriptions and default values here.

5.0.3 (2024-10-10)

5.0.2 (2024-09-18)

  • Fixed installation failure issue when no WAAP + API Security subscription is activated

  • Fixed delays in attack export

5.0.1 (2024-08-21)

Helm chart for Sidecar

How to upgrade

5.3.16 (2025-06-23)

  • Fixed the CVE-2025-22874 vulnerability

  • Bump Alpine version to 3.22

  • Upgrade NGINX to version 1.28.0

5.3.15 (2025-06-04)

5.3.13 (2025-04-25)

  • The number of specification violations that can be detected in a single request during API Specification Enforcement is limited to 3 to provide sufficient insight into policy violations while maintaining optimal Node performance

    If needed, you can adjust the value.

5.3.12 (2025-04-24)

5.3.11 (2025-04-03)

5.3.10 (2025-03-10)

5.3.9 (2025-02-18)

5.3.8 (2025-02-17)

5.3.7 (2025-02-10)

  • Fix for the invalid_xml attack detection in responses

  • Minor GraphQL parser fixes

5.3.0 (2025-01-29)

  • Added support for response parameters in API Sessions for providing the full context of user activities and more precise session grouping (see detailed change description)

  • Added a full-fledged GraphQL parser (see detailed change description) that allows:

    • Improved detection of the input validation attacks in GraphQL-specific request points
    • Fine-tuning attack detection for specific GraphQL points (e.g. disable detection of specific attack types in specific points)
    • Analyzing specific parts of GraphQL requests in API sessions

  • Fixed invalid time value in serialized requests to properly display the resource overlimit attacks

  • Added new settings for API Specification Enforcement:

    • readBufferSize
    • writeBufferSize
    • maxRequestBodySize
    • disableKeepalive
    • maxConnectionsPerIp
    • maxRequestsPerConnection

    See descriptions and default values here.

  • Added the config.nginx.logs.extended and config.nginx.logs.format Helm chart values for extended logging in NGINX

5.2.11 (2024-12-27)

  • Added support for sensitive business flows in API Discovery and API Sessions

  • Resolved the CVE-2024-45337 and CVE-2024-45338 vulnerabilities

  • Fixed an issue where some requests were processed unsuccessfully, potentially affecting API Sessions, Credential Stuffing, and API Abuse Prevention

5.2.1 (2024-12-09)

  • New $wallarm_attack_point_list and $wallarm_attack_stamp_list variables for extended logging

    These variables log request points containing malicious payloads and attack sign IDs, thereby enabling advanced debugging of Node behavior.

  • Minor bug fixes

5.1.0 (2024-11-06)

  • Added support for API Sessions

  • Improved limiting request processing time

  • Reduced memory usage during node registration

5.0.3 (2024-10-10)

5.0.2 (2024-09-19)

  • Fixed installation failure issue when no WAAP + API Security subscription is activated

  • Fixed delays in attack export

5.0.1 (2024-08-21)

NGINX-based Docker image

How to upgrade

5.3.16 (2025-06-23)

  • Fixed the CVE-2025-22874 vulnerability

  • Bump Alpine version to 3.22

  • Upgrade NGINX to version 1.28.0

5.3.15 (2025-06-04)

  • Fixed the CVE-2025-47273 vulnerability

  • Removed support for the WALLARM_ATTACKS_DETAILED_EXPORT environment variable which has been used to disable exporting full attack data to Wallarm Cloud

5.3.14 (2025-05-26)

  • Added support for the WALLARM_ATTACKS_DETAILED_EXPORT environment variable to optionally disable exporting full attack data to Wallarm Cloud

    This is intended for environments with strict data protection requirements.

5.3.12 (2025-04-24)

  • The number of specification violations that can be detected in a single request during API Specification Enforcement is limited to 3 to provide sufficient insight into policy violations while maintaining optimal Node performance

    If needed, you can adjust the value.

  • Fixed the CVE-2024-56406, CVE-2025-31115, CVE-2025-22871 vulnerabilities

5.3.11 (2025-04-03)

5.3.10 (2025-03-10)

5.3.8 (2025-02-18)

5.3.7 (2025-02-04)

  • Added support for the WALLARM_APID_ONLY environment variable which enables API Discovery-only mode while running the Docker image

    In this mode, attacks are blocked locally (if enabled) but not exported to Wallarm Cloud, while API Discovery, API session tracking, and security vulnerability detection remain fully functional. This mode is rarely needed, in most environments, using this mode is unnecessary.

  • Fix for the invalid_xml attack detection in responses

  • Minor GraphQL parser fixes

5.3.0 (2025-01-29)

  • Added support for response parameters in API Sessions for providing the full context of user activities and more precise session grouping (see detailed change description)

  • Added a full-fledged GraphQL parser (see detailed change description) that allows:

    • Improved detection of the input validation attacks in GraphQL-specific request points
    • Fine-tuning attack detection for specific GraphQL points (e.g. disable detection of specific attack types in specific points)
    • Analyzing specific parts of GraphQL requests in API sessions

  • Fixed invalid time value in serialized requests to properly display the resource overlimit attacks

5.2.11 (2024-12-25)

  • Added support for sensitive business flows in API Discovery and API Sessions

  • Resolved the CVE-2024-45337 and CVE-2024-45338 vulnerabilities

  • Fixed an issue where some requests were processed unsuccessfully, potentially affecting API Sessions, Credential Stuffing, and API Abuse Prevention

5.2.1 (2024-12-07)

  • New $wallarm_attack_point_list and $wallarm_attack_stamp_list variables for extended logging

    These variables log parameters containing malicious payloads and attack sign IDs enabling advanced debugging of Node behavior.

  • Moved image source and Dockerfile from GitHub to an internal GitLab repository

5.1.0-1 (2024-11-06)

  • Added support for API Sessions

  • Improved limiting request processing time

  • Reduced memory usage during node registration

5.0.3-1 (2024-10-10)

5.0.2-1 (2024-09-18)

  • Fixed installation failure issue when no WAAP + API Security subscription is activated

  • Fixed delays in attack export

5.0.1-1 (2024-08-21)

  • Initial release 5.0, see changelog

  • Added support for NGINX v1.26.2 stable

Amazon Machine Image (AMI)

How to upgrade

5.3.15 (2025-06-04)

5.3.12 (2025-04-25)

  • The number of specification violations that can be detected in a single request during API Specification Enforcement is limited to 3 to provide sufficient insight into policy violations while maintaining optimal Node performance

    If needed, you can adjust the value.

  • Fixed the CVE-2024-56406, CVE-2025-31115, CVE-2025-22871 vulnerabilities

5.3.10 (2025-03-12)

5.3.7 (2025-02-13)

  • Fix for the invalid_xml attack detection in responses

  • Minor GraphQL parser fixes

5.3.0 (2025-01-30)

  • Added support for response parameters in API Sessions for providing the full context of user activities and more precise session grouping (see detailed change description)

  • Added a full-fledged GraphQL parser (see detailed change description) that allows:

    • Improved detection of the input validation attacks in GraphQL-specific request points
    • Fine-tuning attack detection for specific GraphQL points (e.g. disable detection of specific attack types in specific points)
    • Analyzing specific parts of GraphQL requests in API sessions

  • Fixed invalid time value in serialized requests to properly display the resource overlimit attacks

5.2.11 (2024-12-28)

  • Added support for sensitive business flows in API Discovery and API Sessions

  • Resolved the CVE-2024-45337 and CVE-2024-45338 vulnerabilities

  • Fixed an issue where some requests were processed unsuccessfully, potentially affecting API Sessions, Credential Stuffing, and API Abuse Prevention

5.2.1 (2024-12-07)

  • New $wallarm_attack_point_list and $wallarm_attack_stamp_list variables for extended logging

    These variables log parameters containing malicious payloads and attack sign IDs enabling advanced debugging of Node behavior.

  • Minor bug fixes

5.1.0-1 (2024-11-06)

  • Added support for API Sessions

  • Improved limiting request processing time

  • Reduced memory usage during node registration

5.0.3-1 (2024-10-10)

5.0.2-1 (2024-09-19)

  • Fixed installation failure issue when no WAAP + API Security subscription is activated

  • Fixed delays in attack export

5.0.1-1 (2024-08-21)

Google Cloud Platform Image

How to upgrade

wallarm-node-5-3-15-20250605-140709 (2025-06-04)

wallarm-node-5-3-12-20250425-053214 (2025-04-25)

  • The number of specification violations that can be detected in a single request during API Specification Enforcement is limited to 3 to provide sufficient insight into policy violations while maintaining optimal Node performance

    If needed, you can adjust the value.

  • Fixed the CVE-2024-56406, CVE-2025-31115, CVE-2025-22871 vulnerabilities

wallarm-node-5-3-10-20250312-063130 (2025-03-12)

wallarm-node-5-3-20250213-053413 (2025-02-13)

  • Fix for the invalid_xml attack detection in responses

  • Minor GraphQL parser fixes

wallarm-node-5-3-20250129-150255 (2025-01-30)

  • Added support for response parameters in API Sessions for providing the full context of user activities and more precise session grouping (see detailed change description)

  • Added a full-fledged GraphQL parser (see detailed change description) that allows:

    • Improved detection of the input validation attacks in GraphQL-specific request points
    • Fine-tuning attack detection for specific GraphQL points (e.g. disable detection of specific attack types in specific points)
    • Analyzing specific parts of GraphQL requests in API sessions

  • Fixed invalid time value in serialized requests to properly display the resource overlimit attacks

wallarm-node-5-2-20241227-095327 (2024-12-27)

  • Resolved the CVE-2024-45337 and CVE-2024-45338 vulnerabilities

  • Fixed an issue where some requests were processed unsuccessfully, potentially affecting API Sessions, Credential Stuffing, and API Abuse Prevention

wallarm-node-5-2-20241209-114655 (2024-12-07)

  • New $wallarm_attack_point_list and $wallarm_attack_stamp_list variables for extended logging

    These variables log parameters containing malicious payloads and attack sign IDs enabling advanced debugging of Node behavior.

  • Minor bug fixes

wallarm-node-5-1-20241108-120238 (2024-11-08)