CVE-2024-7347

🗓️ 14 Aug 2024 15:15:31Reported by [email protected]Type

nvd

nvd🔗 web.nvd.nist.gov👁 35 Views

NGINX mp4 vulnerability allows memory over-read

Reporter	Title	Published	Views	Family All 184
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM API Connect	15 Mar 202500:18	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM API Connect	19 Dec 202416:32	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in Nginx affects IBM Integrated Analytics System (Sailfish)[CVE-2023-44487, CVE-2024-7347].	17 May 202509:11	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Nginx	28 Oct 202419:37	–	ibm
IBM Security Bulletins	Security Bulletin: A vulnerability in nginx affects IBM Robotic Process Automatin for Cloud Pak and may result in a denial of service (CVE-2024-7347)	28 Jan 202522:08	–	ibm
FreeBSD	nginx -- Vulnerability in the ngx_http_mp4_module	14 Aug 202400:00	–	freebsd
Tenable Nessus	Amazon Linux 2023 : nginx, nginx-all-modules, nginx-core (ALAS2023-2024-707)	9 Sep 202400:00	–	nessus
Tenable Nessus	Amazon Linux 2 : nginx (ALASNGINX1-2024-007)	9 Sep 202400:00	–	nessus
Tenable Nessus	AlmaLinux 9 : nginx:1.22 (ALSA-2025:3261)	31 Mar 202500:00	–	nessus
Tenable Nessus	AlmaLinux 9 : nginx (ALSA-2025:7402)	21 May 202500:00	–	nessus

NVD

Node

f5 nginx_open_sourceRange1.5.13–1.26.2

OR

f5 nginx_open_sourceMatch1.27.0

OR

f5 nginx_plusRanger27–r31

OR

f5 nginx_plusMatchr31-

OR

f5 nginx_plusMatchr31p1

OR

f5 nginx_plusMatchr32-

Source	Link
openwall	www.openwall.com/lists/oss-security/2024/08/14/4
my	www.my.f5.com/manage/s/article/K000140529
lists	www.lists.debian.org/debian-lts-announce/2025/03/msg00017.html

03 Nov 2025 21:18Current

CVSS 3.14.7

CVSS 45.7

EPSS0.00197

CWE-126 CWE-125

nginx mp4 vulnerability memory over-read ngx_http_mp4_module configuration file