Moderate: nginx security update

🗓️ 13 May 2025 00:00:00Reported by AlmaLinuxType

almalinux

almalinux🔗 errata.almalinux.org👁 13 Views

Moderate nginx security update addresses memory issues and denial of service vulnerabilities.

Reporter	Title	Published	Views	Family All 339
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM API Connect	15 Mar 202500:18	–	ibm
IBM Security Bulletins	Security Bulletin: A vulnerability in nginx may affect IBM Robotic Process Automation for Cloud Pak resulting in a denial of service (CVE-2022-41741, CVE-2022-41742)	4 Jan 202319:55	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining Interim Fix for Nov 2024	26 Nov 202409:40	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM API Connect	19 Dec 202416:32	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in F5 NGINX	2 May 202320:56	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in Nginx affects IBM Integrated Analytics System (Sailfish)[CVE-2023-44487, CVE-2024-7347].	17 May 202509:11	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Nginx	28 Oct 202419:37	–	ibm
IBM Security Bulletins	Security Bulletin: A vulnerability in nginx affects IBM Robotic Process Automatin for Cloud Pak and may result in a denial of service (CVE-2024-7347)	28 Jan 202522:08	–	ibm
GithubExploit	Exploit for Type Confusion in Google Chrome	10 Feb 202523:04	–	githubexploit
GithubExploit	Exploit for Out-of-bounds Write in F5 Nginx	7 May 202523:26	–	githubexploit

OS	OS Version	Architecture	Package	Package Version	Filename
almalinux	9	noarch	nginx-all-modules	1.20.1-22.el9_6.2.alma.1	nginx-all-modules-1.20.1-22.el9_6.2.alma.1.noarch.rpm
almalinux	9	noarch	nginx-filesystem	1.20.1-22.el9_6.2.alma.1	nginx-filesystem-1.20.1-22.el9_6.2.alma.1.noarch.rpm
almalinux	9	ppc64le	nginx-mod-http-image-filter	1.20.1-22.el9_6.2.alma.1	nginx-mod-http-image-filter-1.20.1-22.el9_6.2.alma.1.ppc64le.rpm
almalinux	9	ppc64le	nginx-mod-http-xslt-filter	1.20.1-22.el9_6.2.alma.1	nginx-mod-http-xslt-filter-1.20.1-22.el9_6.2.alma.1.ppc64le.rpm
almalinux	9	ppc64le	nginx-mod-mail	1.20.1-22.el9_6.2.alma.1	nginx-mod-mail-1.20.1-22.el9_6.2.alma.1.ppc64le.rpm
almalinux	9	ppc64le	nginx-mod-stream	1.20.1-22.el9_6.2.alma.1	nginx-mod-stream-1.20.1-22.el9_6.2.alma.1.ppc64le.rpm
almalinux	9	ppc64le	nginx	1.20.1-22.el9_6.2.alma.1	nginx-1.20.1-22.el9_6.2.alma.1.ppc64le.rpm
almalinux	9	ppc64le	nginx-core	1.20.1-22.el9_6.2.alma.1	nginx-core-1.20.1-22.el9_6.2.alma.1.ppc64le.rpm
almalinux	9	ppc64le	nginx-mod-http-perl	1.20.1-22.el9_6.2.alma.1	nginx-mod-http-perl-1.20.1-22.el9_6.2.alma.1.ppc64le.rpm
almalinux	9	aarch64	nginx-mod-http-xslt-filter	1.20.1-22.el9_6.2.alma.1	nginx-mod-http-xslt-filter-1.20.1-22.el9_6.2.alma.1.aarch64.rpm

Source	Link
access	www.access.redhat.com/errata/RHSA-2025:7402
access	www.access.redhat.com/security/cve/CVE-2022-41741
access	www.access.redhat.com/security/cve/CVE-2022-41742
access	www.access.redhat.com/security/cve/CVE-2024-7347
bugzilla	www.bugzilla.redhat.com/2141495
bugzilla	www.bugzilla.redhat.com/2141496
errata	www.errata.almalinux.org/9/ALSA-2025-7402.html

21 May 2025 06:08Current

7.4High risk

Vulners AI Score7.4

CVSS 3.17.1 - 7.8

CVSS 45.7

EPSS0.01069

SSVC

nginx security update memory corruption memory disclosure denial of service cve references unix