nginx:1.24 security update

🗓️ 27 Mar 2025 00:00:00Reported by OracleLinuxType

oraclelinux

oraclelinux🔗 linux.oracle.com👁 28 Views

Nginx 1.24 security updates fix vulnerabilities, memory leaks, and SSL passphrase enhancements.

Reporter	Title	Published	Views	Family All 2638
IBM Security Bulletins	Security Bulletin: There is a vulnerability in HTTP/2 protocol used by Netty on IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2023-44487)	5 Apr 202415:08	–	ibm
IBM Security Bulletins	Security Bulletin: IBM MQ is vulnerable to issues in Eclipse (CVE-2023-4218, CVE-2023-44487)	29 Feb 202421:58	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM API Connect	15 Mar 202500:18	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Operational Decision Manager November 2023 - Multiple CVEs addressed	15 Nov 202313:37	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server Liberty affect IBM Storage Scale System	16 Sep 202418:20	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cognos Analytics is affected by multiple vulnerabilities	15 Apr 202503:05	–	ibm
IBM Security Bulletins	Security Bulletin: An Eclipse Jetty vulnerability affects IBM Rational Functional Tester	21 Dec 202317:17	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Storage Protect is vulnerable to multiple attacks due to http2-server and http2-common (CVE-2023-44487)	15 Dec 202316:25	–	ibm
IBM Security Bulletins	Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is vulnerable to denial of service due to HTTP/2 Rapid Reset vulnerability (CVE-2023-44487)	15 Nov 202320:45	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Planning Analytics Workspace is affected by vulnerabilities in multiple Open Source Software (OSS) components	28 Mar 202415:34	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
oracle linux	9	src	nginx	1.24.0-4.0.1.module	nginx-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.src.rpm
oracle linux	9	aarch64	nginx	1.24.0-4.0.1.module	nginx-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.aarch64.rpm
oracle linux	9	noarch	nginx-all-modules	1.24.0-4.0.1.module	nginx-all-modules-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.noarch.rpm
oracle linux	9	aarch64	nginx-core	1.24.0-4.0.1.module	nginx-core-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.aarch64.rpm
oracle linux	9	noarch	nginx-filesystem	1.24.0-4.0.1.module	nginx-filesystem-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.noarch.rpm
oracle linux	9	aarch64	nginx-mod-devel	1.24.0-4.0.1.module	nginx-mod-devel-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.aarch64.rpm
oracle linux	9	aarch64	nginx-mod-http-image-filter	1.24.0-4.0.1.module	nginx-mod-http-image-filter-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.aarch64.rpm
oracle linux	9	aarch64	nginx-mod-http-perl	1.24.0-4.0.1.module	nginx-mod-http-perl-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.aarch64.rpm
oracle linux	9	aarch64	nginx-mod-http-xslt-filter	1.24.0-4.0.1.module	nginx-mod-http-xslt-filter-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.aarch64.rpm
oracle linux	9	aarch64	nginx-mod-mail	1.24.0-4.0.1.module	nginx-mod-mail-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.aarch64.rpm

27 Mar 2025 00:00Current

5.1Medium risk

Vulners AI Score5.1

CVSS 3.14.7

CVSS 45.7

EPSS0.944

SSVC

nginx security updates denial of service memory leak fixes ssl passphrase enhancements ddos vulnerability