CVE-2024-7347
- EPSS 0.32%
- Veröffentlicht 14.08.2024 15:15:31
- Zuletzt bearbeitet 03.11.2025 21:18:48
NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is b...
CVE-2024-35200
- EPSS 0.92%
- Veröffentlicht 29.05.2024 16:15:10
- Zuletzt bearbeitet 24.01.2025 16:15:15
When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate.
CVE-2024-34161
- EPSS 0.87%
- Veröffentlicht 29.05.2024 16:15:10
- Zuletzt bearbeitet 24.01.2025 16:20:57
When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module and the network infrastructure supports a Maximum Transmission Unit (MTU) of 4096 or greater without fragmentation, undisclosed QUIC packets can cause NGINX worker processes to...
CVE-2024-32760
- EPSS 0.85%
- Veröffentlicht 29.05.2024 16:15:10
- Zuletzt bearbeitet 24.01.2025 16:21:55
When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 encoder instructions can cause NGINX worker processes to terminate or cause or other potential impact.
CVE-2024-31079
- EPSS 0.87%
- Veröffentlicht 29.05.2024 16:15:09
- Zuletzt bearbeitet 24.01.2025 16:01:04
When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate or cause other potential impact. This attack requires that a request be specifically timed during the...
CVE-2024-24989
- EPSS 1.06%
- Veröffentlicht 14.02.2024 17:15:15
- Zuletzt bearbeitet 13.02.2025 18:17:12
When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate. Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more informatio...
CVE-2024-24990
- EPSS 0.91%
- Veröffentlicht 14.02.2024 17:15:15
- Zuletzt bearbeitet 13.02.2025 18:17:12
When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate. Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more informatio...