Skip to content

NGINX Node Artifact Versions and Changelog

This document lists available versions of the NGINX Wallarm Node 5.x in various form factors, helping you track releases and plan upgrades.

All-in-one installer

Since version 4.10, installation and upgrading of Wallarm nodes is performed only with all all-in-one installer. Manual upgrade with individual Linux packages is not supported any more.

History of all-in-one installer updates simultaneously applies to it's x86_64 and ARM64 (beta) versions.

How to migrate from DEB/RPM packages

How to migrate from previous all-in-one installer version

5.2.11 (2024-12-25)

  • Added support for NGINX Mainline v1.27.2 and 1.27.3

  • Added support for NGINX Plus R33

  • Resolved the CVE-2024-45337 and CVE-2024-45338 vulnerabilities

  • Fixed an issue where some requests were processed unsuccessfully, potentially affecting API Sessions, Credential Stuffing, and API Abuse Prevention

5.2.1 (2024-12-07)

  • New $wallarm_attack_point_list and $wallarm_attack_stamp_list variables for extended logging

    These variables log request points containing malicious payloads and attack sign IDs, thereby enabling advanced debugging of Node behavior.

  • Minor bug fixes

5.1.1 (2024-11-08)

  • Fixed some bugs in the wallarm-status service operation

5.1.0 (2024-11-06)

  • Added support for API Sessions

  • Improved limiting request processing time

  • Reduced memory usage during node registration

5.0.3 (2024-10-10)

5.0.2 (2024-09-18)

  • Fixed installation failure issue when no WAAP + API Security subscription is activated

  • Fixed delays in attack export

5.0.1 (2024-08-21)

  • Initial release 5.0, see changelog

  • Added support for NGINX v1.26.2 stable

Helm chart for Wallarm NGINX Ingress controller

How to upgrade

5.2.12 (2025-01-08)

5.2.11 (2024-12-27)

  • Resolved the CVE-2024-45337 and CVE-2024-45338 vulnerabilities

  • Fixed an issue where some requests were processed unsuccessfully, potentially affecting API Sessions, Credential Stuffing, and API Abuse Prevention

5.2.2 (2024-12-11)

5.2.1 (2024-12-07)

  • Upgraded to Community Ingress NGINX Controller version 1.11.3, aligning with the upstream Helm chart version 4.11.3

  • Breaking changes introduced by the Community Ingress NGINX Controller upgrade:

    • Discontinued support for Opentracing and Zipkin modules, now only supporting Opentelemetry
    • Dropped support for PodSecurityPolicy
  • Compatibility extended up to Kubernetes version 1.30

  • Updated to NGINX 1.25.5

  • Minor bug fixes

5.1.1 (2024-11-14)

  • Fixed the GHSA-c5pj-mqfh-rvc3 vulnerability

  • Fixed some bugs in the wallarm-status service operation

5.1.0 (2024-11-06)

  • Added support for API Sessions

  • Improved limiting request processing time

  • Reduced memory usage during node registration

  • Added new settings for API Specification Enforcement:

    • readBufferSize
    • readBufferSize
    • writeBufferSize
    • maxRequestBodySize
    • disableKeepalive
    • maxConnectionsPerIp
    • maxRequestsPerConnection

    See descriptions and default values here.

5.0.3 (2024-10-10)

5.0.2 (2024-09-18)

  • Fixed installation failure issue when no WAAP + API Security subscription is activated

  • Fixed delays in attack export

5.0.1 (2024-08-21)

Helm chart for Sidecar

How to upgrade

5.2.11 (2024-12-27)

  • Resolved the CVE-2024-45337 and CVE-2024-45338 vulnerabilities

  • Fixed an issue where some requests were processed unsuccessfully, potentially affecting API Sessions, Credential Stuffing, and API Abuse Prevention

5.2.1 (2024-12-09)

  • New $wallarm_attack_point_list and $wallarm_attack_stamp_list variables for extended logging

    These variables log request points containing malicious payloads and attack sign IDs, thereby enabling advanced debugging of Node behavior.

  • Minor bug fixes

5.1.0 (2024-11-06)

  • Added support for API Sessions

  • Improved limiting request processing time

  • Reduced memory usage during node registration

5.0.3 (2024-10-10)

5.0.2 (2024-09-19)

  • Fixed installation failure issue when no WAAP + API Security subscription is activated

  • Fixed delays in attack export

5.0.1 (2024-08-21)

NGINX-based Docker image

How to upgrade

5.2.11 (2024-12-25)

  • Resolved the CVE-2024-45337 and CVE-2024-45338 vulnerabilities

  • Fixed an issue where some requests were processed unsuccessfully, potentially affecting API Sessions, Credential Stuffing, and API Abuse Prevention

5.2.1 (2024-12-07)

  • New $wallarm_attack_point_list and $wallarm_attack_stamp_list variables for extended logging

    These variables log parameters containing malicious payloads and attack sign IDs enabling advanced debugging of Node behavior.

  • Moved image source and Dockerfile from GitHub to an internal GitLab repository

5.1.0-1 (2024-11-06)

  • Added support for API Sessions

  • Improved limiting request processing time

  • Reduced memory usage during node registration

5.0.3-1 (2024-10-10)

5.0.2-1 (2024-09-18)

  • Fixed installation failure issue when no WAAP + API Security subscription is activated

  • Fixed delays in attack export

5.0.1-1 (2024-08-21)

  • Initial release 5.0, see changelog

  • Added support for NGINX v1.26.2 stable

Amazon Machine Image (AMI)

How to upgrade

5.2.11 (2024-12-28)

  • Resolved the CVE-2024-45337 and CVE-2024-45338 vulnerabilities

  • Fixed an issue where some requests were processed unsuccessfully, potentially affecting API Sessions, Credential Stuffing, and API Abuse Prevention

5.2.1 (2024-12-07)

  • New $wallarm_attack_point_list and $wallarm_attack_stamp_list variables for extended logging

    These variables log parameters containing malicious payloads and attack sign IDs enabling advanced debugging of Node behavior.

  • Minor bug fixes

5.1.0-1 (2024-11-06)

  • Added support for API Sessions

  • Improved limiting request processing time

  • Reduced memory usage during node registration

5.0.3-1 (2024-10-10)

5.0.2-1 (2024-09-19)

  • Fixed installation failure issue when no WAAP + API Security subscription is activated

  • Fixed delays in attack export

5.0.1-1 (2024-08-21)

Google Cloud Platform Image

How to upgrade

wallarm-node-5-2-20241227-095327 (2024-12-27)

  • Resolved the CVE-2024-45337 and CVE-2024-45338 vulnerabilities

  • Fixed an issue where some requests were processed unsuccessfully, potentially affecting API Sessions, Credential Stuffing, and API Abuse Prevention

wallarm-node-5-2-20241209-114655 (2024-12-07)

  • New $wallarm_attack_point_list and $wallarm_attack_stamp_list variables for extended logging

    These variables log parameters containing malicious payloads and attack sign IDs enabling advanced debugging of Node behavior.

  • Minor bug fixes

wallarm-node-5-1-20241108-120238 (2024-11-08)