CVE-2022-41743 NGINX ngx_http_hls_module vulnerability CVE-2022-41743

NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngxhttphlsmodule that might allow a local attacker to corrupt NGINX worker memory, resulting in its crash or potential other impact using a specially crafted audio or video file. The issue affects only NGINX Plus when...

PT-2022-5182 · Nginx · Nginx Plus +1

Name of the Vulnerable Software and Affected Versions: NGINX Plus versions prior to R27 P1 and R26 P1 Description: The issue is related to a buffer overflow in the ngx http hls module of NGINX Ingress Controller, which can be exploited to cause a denial of service or potentially other impacts. Th...

Ffmpeg 'read_data' function denial of service vulnerability

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in the 'readdata' function in the libavformat/hls.c file in FFmpeg version 3.3.3. A remote attacker can exploit this vulnerability to cause a denial of servi...