EUVD-2026-14883

The 32-bit implementation of NGINX Open Source has a vulnerability in the ngxhttpmp4module module, which might allow an attacker to over-read or over-write NGINX worker memory resulting in its termination, using a specially crafted MP4 file. The issue only affects 32-bit NGINX Open Source if it i...

PT-2026-27436

Name of the Vulnerable Software and Affected Versions NGINX Open Source and NGINX Plus versions affected versions not specified Description NGINX Open Source and NGINX Plus, when built with the ngx http mp4 module module and configured with the mp4 directive, are susceptible to a buffer over-read...

nginx: Memory corruption in the ngx_http_mp4_module

A vulnerability was found in NGINX's module, ngxhttpmp4module. This flaw allows a local attacker to corrupt NGINX worker memory, resulting in its termination using a specially crafted audio or video file. The issue affects only NGINX products built with ngxhttpmp4module when the mp4 directive is...

ALPINE-CVE-2024-7347

NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is built with the ngxhttpmp4module and the mp4 directi...