Lucene search
K

258 matches found

RedhatCVE
RedhatCVE
added 2024/05/30 8:33 a.m.32 views

CVE-2024-31079

A flaw was found in the nginx HTTP/3 implementation. Undisclosed HTTP/3 requests can trigger a stack-based buffer overflow, causing worker processes to crash and lead to a denial of service. Mitigation Mitigation for this issue is either not available or the currently available options do not mee...

6.5CVSS6.1AI score0.00872EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2024/05/30 8:33 a.m.38 views

CVE-2024-32760

A flaw was found in the nginx HTTP/3 implementation. Undisclosed HTTP/3 encoder instructions can trigger an out-of-bounds write error, causing worker processes to crash, leading to a denial of service or other potential impacts. Mitigation Mitigation for this issue is either not available or the...

7.5CVSS6.1AI score0.00848EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/05/30 12:0 a.m.32 views

FreeBSD : nginx-devel -- Multiple Vulnerabilities in HTTP/3 (320a19f7-1ddd-11ef-a2ae-8c164567ca3c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 320a19f7-1ddd-11ef-a2ae-8c164567ca3c advisory. The nginx development team reports: This update fixes the following vulnerabilities: Tenable h...

6.5CVSS6.4AI score0.00917EPSS
Exploits0References5
OSV
OSV
added 2024/05/29 4:15 p.m.19 views

CVE-2024-35200

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate...

5.3CVSS6.7AI score
Exploits0References4
OSV
OSV
added 2024/05/29 4:15 p.m.19 views

CVE-2024-32760

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 encoder instructions can cause NGINX worker processes to terminate or cause or other potential impact...

6.5CVSS6.7AI score
Exploits0References4
OSV
OSV
added 2024/05/29 4:15 p.m.21 views

CVE-2024-34161

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module and the network infrastructure supports a Maximum Transmission Unit MTU of 4096 or greater without fragmentation, undisclosed QUIC packets can cause NGINX worker processes to leak previously freed memory...

5.3CVSS6.6AI score
Exploits0References4
NVD
NVD
added 2024/05/29 4:15 p.m.20 views

CVE-2024-34161

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module and the network infrastructure supports a Maximum Transmission Unit MTU of 4096 or greater without fragmentation, undisclosed QUIC packets can cause NGINX worker processes to leak previously freed memory...

5.3CVSS5.2AI score0.00867EPSS
Exploits0References4
NVD
NVD
added 2024/05/29 4:15 p.m.19 views

CVE-2024-35200

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate...

5.3CVSS5.3AI score0.00917EPSS
Exploits0References4
NVD
NVD
added 2024/05/29 4:15 p.m.14 views

CVE-2024-32760

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 encoder instructions can cause NGINX worker processes to terminate or cause or other potential impact...

6.5CVSS6.3AI score0.00848EPSS
Exploits0References4
NVD
NVD
added 2024/05/29 4:15 p.m.24 views

CVE-2024-31079

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate or cause other potential impact. This attack requires that a request be specifically timed during the connection draining process, which the attacke...

4.8CVSS5.1AI score0.00872EPSS
Exploits0References4
OSV
OSV
added 2024/05/29 4:15 p.m.18 views

CVE-2024-31079

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate or cause other potential impact. This attack requires that a request be specifically timed during the connection draining process, which the attacke...

4.8CVSS6.6AI score
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/05/29 4:15 p.m.26 views

CVE-2024-31079

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate or cause other potential impact. This attack requires that a request be specifically timed during the connection draining process, which the attacke...

4.8CVSS6.7AI score0.00872EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2024/05/29 4:15 p.m.35 views

CVE-2024-34161

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module and the network infrastructure supports a Maximum Transmission Unit MTU of 4096 or greater without fragmentation, undisclosed QUIC packets can cause NGINX worker processes to leak previously freed memory...

5.3CVSS6.8AI score0.00867EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2024/05/29 4:15 p.m.30 views

CVE-2024-32760

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 encoder instructions can cause NGINX worker processes to terminate or cause or other potential impact...

6.5CVSS6.9AI score0.00848EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2024/05/29 4:15 p.m.21 views

CVE-2024-35200

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate...

5.3CVSS6.8AI score0.00917EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/05/29 4:2 p.m.28 views

CVE-2024-34161 NGINX HTTP/3 QUIC vulnerability

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module and the network infrastructure supports a Maximum Transmission Unit MTU of 4096 or greater without fragmentation, undisclosed QUIC packets can cause NGINX worker processes to leak previously freed memory...

5.3CVSS5.2AI score0.00867EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/05/29 4:2 p.m.34 views

CVE-2024-34161 NGINX HTTP/3 QUIC vulnerability

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module and the network infrastructure supports a Maximum Transmission Unit MTU of 4096 or greater without fragmentation, undisclosed QUIC packets can cause NGINX worker processes to leak previously freed memory...

5.3CVSS5.2AI score0.00867EPSS
Exploits0References4
CVE
CVE
added 2024/05/29 4:2 p.m.342 views

CVE-2024-34161

CVE-2024-34161 affects NGINX Plus and NGINX Open Source when using the HTTP/3 QUIC module with MTU 4096+ without fragmentation. The root cause is in the HTTP/3 QUIC module (ngx_http_v3_module) handling QUIC packets, which can cause leakage of previously freed memory in NGINX worker processes. The...

5.3CVSS5.2AI score0.00867EPSS
Exploits0References4Affected Software2
Vulnrichment
Vulnrichment
added 2024/05/29 4:2 p.m.29 views

CVE-2024-35200 NGINX HTTP/3 QUIC vulnerability

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate...

5.3CVSS5.2AI score0.00917EPSS
Exploits0References4
CVE
CVE
added 2024/05/29 4:2 p.m.345 views

CVE-2024-35200

CVE-2024-35200 affects NGINX Plus and NGINX Open Source when the HTTP/3 QUIC module (ngx_http_v3_module) is enabled. The underlying issue causes NGINX worker processes to terminate after undisclosed HTTP/3 requests, resulting in a denial-of-service. Affected versions (per connected advisories) in...

5.3CVSS5.2AI score0.00917EPSS
Exploits0References4Affected Software2
Rows per page
Query Builder