Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5
CVE-2024-24990
- EPSS 0.18%
- Veröffentlicht 14.02.2024 17:15:15
- Zuletzt bearbeitet 13.02.2025 18:17:12
When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate. Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more informatio...
7.5
CVE-2023-44487
- EPSS 94.39%
- Veröffentlicht 10.10.2023 14:15:10
- Zuletzt bearbeitet 07.11.2025 19:00:41
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
- EPSS 0.23%
- Veröffentlicht 19.10.2022 22:15:12
- Zuletzt bearbeitet 21.11.2024 07:23:46
NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_hls_module that might allow a local attacker to corrupt NGINX worker memory, resulting in its crash or potential other impact using a specially crafted audio or ...