Nginx Plus@* Security Vulnerabilities and Issues — Nginx Plus@* CVE List

Lucene search

F5Nginx Plus*

3 matches found

CVE•added 2023/10/10 2:15 p.m.•4413 views

CVE-2023-44487

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

7.5CVSS8AI score0.94434EPSS

CVE•added 2024/08/14 3:15 p.m.•354 views

CVE-2024-7347

NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is built with the ngx_http_mp4_module and the mp4 dir...

5.7CVSS4.7AI score0.00106EPSS

CVE•added 2022/10/19 10:15 p.m.•76 views

CVE-2022-41743

NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_hls_module that might allow a local attacker to corrupt NGINX worker memory, resulting in its crash or potential other impact using a specially crafted audio or video file. The issue affects only NGINX Plus whe...

7CVSS6.9AI score0.00083EPSS