All the vulnerabilites related to F5 - NGINX Open Source
cve-2024-35200
Vulnerability from cvelistv5
Published
2024-05-29 16:02
Modified
2024-08-02 03:07
Summary
When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate.
Impacted products
Vendor Product Version
F5 NGINX Plus Version: R30   < R32
Show details on NVD website


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:a:f5:nginx_plus:r30:-:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "nginx_plus",
                  vendor: "f5",
                  versions: [
                     {
                        lessThanOrEqual: "r31",
                        status: "affected",
                        version: "r30",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:a:f5:nginx:1.25.0:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "nginx",
                  vendor: "f5",
                  versions: [
                     {
                        lessThanOrEqual: "1.26.0",
                        status: "affected",
                        version: "1.25.0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "fedora",
                  vendor: "fedoraproject",
                  versions: [
                     {
                        status: "affected",
                        version: "39",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "fedora",
                  vendor: "fedoraproject",
                  versions: [
                     {
                        status: "affected",
                        version: "40",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-35200",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-05-29T18:35:12.047696Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-07-31T20:51:58.724Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T03:07:46.774Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://my.f5.com/manage/s/article/K000139612",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/05/30/4",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unknown",
               modules: [
                  "HTTP/3",
               ],
               product: "NGINX Open Source",
               vendor: "F5",
               versions: [
                  {
                     lessThan: "1.26.1",
                     status: "affected",
                     version: "1.25.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unknown",
               modules: [
                  "HTTP/3",
               ],
               product: "NGINX Plus",
               vendor: "F5",
               versions: [
                  {
                     lessThan: "R32",
                     status: "affected",
                     version: "R30",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "reporter",
               value: "F5 acknowledges Nils Bars of CISPA for bringing this issue to our attention and following the highest standards of coordinated disclosure.",
            },
         ],
         datePublic: "2024-05-29T14:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate.",
                  },
               ],
               value: "When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-476",
                     description: "CWE-476 NULL Pointer Dereference",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-05-29T16:02:05.342Z",
            orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
            shortName: "f5",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://my.f5.com/manage/s/article/K000139612",
            },
            {
               url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/",
            },
            {
               url: "http://www.openwall.com/lists/oss-security/2024/05/30/4",
            },
            {
               url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "NGINX HTTP/3 QUIC vulnerability",
         x_generator: {
            engine: "F5 SIRTBot v1.0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
      assignerShortName: "f5",
      cveId: "CVE-2024-35200",
      datePublished: "2024-05-29T16:02:05.342Z",
      dateReserved: "2024-05-14T16:31:57.502Z",
      dateUpdated: "2024-08-02T03:07:46.774Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-34161
Vulnerability from cvelistv5
Published
2024-05-29 16:02
Modified
2024-08-02 02:51
Summary
When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module and the network infrastructure supports a Maximum Transmission Unit (MTU) of 4096 or greater without fragmentation, undisclosed QUIC packets can cause NGINX worker processes to leak previously freed memory.
Impacted products
Vendor Product Version
F5 NGINX Plus Version: R30   < R32
Show details on NVD website


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:a:f5:nginx_plus:r30:-:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "nginx_plus",
                  vendor: "f5",
                  versions: [
                     {
                        lessThanOrEqual: "r31",
                        status: "affected",
                        version: "r30",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:a:f5:nginx:1.25.0:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "nginx",
                  vendor: "f5",
                  versions: [
                     {
                        lessThanOrEqual: "1.26.0",
                        status: "affected",
                        version: "1.25.0",
                        versionType: "custom",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-34161",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-05-29T18:37:24.017204Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-06-04T17:40:56.027Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T02:51:10.486Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://my.f5.com/manage/s/article/K000139627",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/05/30/4",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unknown",
               modules: [
                  "HTTP/3",
               ],
               product: "NGINX Open Source",
               vendor: "F5",
               versions: [
                  {
                     lessThan: "1.26.1",
                     status: "affected",
                     version: "1.25.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unknown",
               modules: [
                  "HTTP/3",
               ],
               product: "NGINX Plus",
               vendor: "F5",
               versions: [
                  {
                     lessThan: "R32",
                     status: "affected",
                     version: "R30",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "F5",
            },
         ],
         datePublic: "2024-05-29T14:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module and the network infrastructure supports a Maximum Transmission Unit (MTU) of 4096 or greater without fragmentation, undisclosed QUIC packets can cause NGINX worker processes to leak previously freed memory.",
                  },
               ],
               value: "When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module and the network infrastructure supports a Maximum Transmission Unit (MTU) of 4096 or greater without fragmentation, undisclosed QUIC packets can cause NGINX worker processes to leak previously freed memory.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-416",
                     description: "CWE-416 Use After Free",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-05-29T16:02:05.696Z",
            orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
            shortName: "f5",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://my.f5.com/manage/s/article/K000139627",
            },
            {
               url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/",
            },
            {
               url: "http://www.openwall.com/lists/oss-security/2024/05/30/4",
            },
            {
               url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/",
            },
         ],
         source: {
            discovery: "INTERNAL",
         },
         title: "NGINX HTTP/3 QUIC vulnerability",
         x_generator: {
            engine: "F5 SIRTBot v1.0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
      assignerShortName: "f5",
      cveId: "CVE-2024-34161",
      datePublished: "2024-05-29T16:02:05.696Z",
      dateReserved: "2024-05-14T16:31:57.509Z",
      dateUpdated: "2024-08-02T02:51:10.486Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-7347
Vulnerability from cvelistv5
Published
2024-08-14 14:32
Modified
2024-08-14 19:02
Summary
NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is built with the ngx_http_mp4_module and the mp4 directive is used in the configuration file. Additionally, the attack is possible only if an attacker can trigger the processing of a specially crafted mp4 file with the ngx_http_mp4_module.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
References
Impacted products
Vendor Product Version
F5 NGINX Plus Version: R4   < *
Show details on NVD website


{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-7347",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-08-14T15:27:31.795805Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-08-14T15:27:40.461Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-14T19:02:29.824Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  url: "http://www.openwall.com/lists/oss-security/2024/08/14/4",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unknown",
               modules: [
                  "ngx_http_mp4_module",
               ],
               product: "NGINX Open Source",
               vendor: "F5",
               versions: [
                  {
                     changes: [
                        {
                           at: "1.26.2",
                           status: "unaffected",
                        },
                        {
                           at: "1.27.1",
                           status: "unaffected",
                        },
                     ],
                     lessThan: "*",
                     status: "affected",
                     version: "1.5.13",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unknown",
               modules: [
                  "ngx_http_m4_module",
               ],
               product: "NGINX Plus",
               vendor: "F5",
               versions: [
                  {
                     changes: [
                        {
                           at: "R31 P3",
                           status: "unaffected",
                        },
                        {
                           at: "R32 P1",
                           status: "unaffected",
                        },
                     ],
                     lessThan: "*",
                     status: "affected",
                     version: "R4",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "F5 acknowledges Nils Bars for bringing this issue to our attention and following the highest standards of coordinated disclosure.",
            },
         ],
         datePublic: "2024-08-14T14:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "<span style=\"background-color: rgb(255, 255, 255);\">NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is built with the ngx_http_mp4_module and the mp4 directive is used in the configuration file. Additionally, the attack is possible only if an attacker can trigger the processing of a specially crafted mp4 file with the ngx_http_mp4_module.</span>&nbsp; Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.",
                  },
               ],
               value: "NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is built with the ngx_http_mp4_module and the mp4 directive is used in the configuration file. Additionally, the attack is possible only if an attacker can trigger the processing of a specially crafted mp4 file with the ngx_http_mp4_module.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 4.7,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
            {
               cvssV4_0: {
                  Automatable: "NOT_DEFINED",
                  Recovery: "NOT_DEFINED",
                  Safety: "NOT_DEFINED",
                  attackComplexity: "HIGH",
                  attackRequirements: "PRESENT",
                  attackVector: "LOCAL",
                  baseScore: 5.7,
                  baseSeverity: "MEDIUM",
                  privilegesRequired: "LOW",
                  providerUrgency: "NOT_DEFINED",
                  subAvailabilityImpact: "NONE",
                  subConfidentialityImpact: "NONE",
                  subIntegrityImpact: "NONE",
                  userInteraction: "NONE",
                  valueDensity: "NOT_DEFINED",
                  vectorString: "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                  version: "4.0",
                  vulnAvailabilityImpact: "HIGH",
                  vulnConfidentialityImpact: "NONE",
                  vulnIntegrityImpact: "NONE",
                  vulnerabilityResponseEffort: "NOT_DEFINED",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-126",
                     description: "CWE-126: Buffer Over-read",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-08-14T15:08:07.257Z",
            orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
            shortName: "f5",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://my.f5.com/manage/s/article/K000140529",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "NGINX MP4 module vulnerability",
         x_generator: {
            engine: "F5 SIRTBot v1.0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
      assignerShortName: "f5",
      cveId: "CVE-2024-7347",
      datePublished: "2024-08-14T14:32:33.913Z",
      dateReserved: "2024-07-31T17:59:09.786Z",
      dateUpdated: "2024-08-14T19:02:29.824Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-24989
Vulnerability from cvelistv5
Published
2024-02-14 16:30
Modified
2024-08-01 23:36
Summary
When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate. Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more information, refer to Support for QUIC and HTTP/3 https://nginx.org/en/docs/quic.html . NOTE: Software versions which have reached End of Technical Support (EoTS) are not evaluated
Impacted products
Vendor Product Version
F5 NGINX Open Source Version: 1.25.3   
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T23:36:21.189Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://my.f5.com/manage/s/article/K000138444",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/05/30/4",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unknown",
               modules: [
                  "HTTP/3",
                  "QUIC",
               ],
               product: "NGINX Plus",
               vendor: "F5",
               versions: [
                  {
                     lessThan: "R31 P1",
                     status: "affected",
                     version: "R31",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unknown",
               modules: [
                  "HTTP/3",
                  "QUIC",
               ],
               product: "NGINX Open Source",
               vendor: "F5",
               versions: [
                  {
                     lessThan: "1.25.4",
                     status: "affected",
                     version: "1.25.3",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "F5",
            },
         ],
         datePublic: "2024-02-14T15:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "\n\n<p>When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate.</p><p><strong>Note</strong>: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more information, refer to <a target=\"_blank\" rel=\"nofollow\" href=\"https://nginx.org/en/docs/quic.html\">Support for QUIC and HTTP/3</a>.<br><br>\n\nNOTE: Software versions which have reached End of Technical Support (EoTS) are not evaluated\n\n<br></p>\n\n<p></p>",
                  },
               ],
               value: "\nWhen NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate.\n\nNote: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more information, refer to  Support for QUIC and HTTP/3 https://nginx.org/en/docs/quic.html .\n\n\n\nNOTE: Software versions which have reached End of Technical Support (EoTS) are not evaluated\n\n\n\n\n\n\n\n\n",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-476",
                     description: "CWE-476 NULL Pointer Dereference",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-02-14T16:30:26.081Z",
            orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
            shortName: "f5",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://my.f5.com/manage/s/article/K000138444",
            },
            {
               url: "http://www.openwall.com/lists/oss-security/2024/05/30/4",
            },
         ],
         source: {
            discovery: "INTERNAL",
         },
         title: "NGINX HTTP/3 QUIC vulnerability",
         x_generator: {
            engine: "F5 SIRTBot v1.0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
      assignerShortName: "f5",
      cveId: "CVE-2024-24989",
      datePublished: "2024-02-14T16:30:26.081Z",
      dateReserved: "2024-02-02T00:32:55.375Z",
      dateUpdated: "2024-08-01T23:36:21.189Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-31079
Vulnerability from cvelistv5
Published
2024-05-29 16:02
Modified
2024-08-02 01:46
Summary
When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate or cause other potential impact. This attack requires that a request be specifically timed during the connection draining process, which the attacker has no visibility and limited influence over.
Impacted products
Vendor Product Version
F5 NGINX Plus Version: R30   < R32
Show details on NVD website


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:a:f5:nginx_plus:r30:-:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "nginx_plus",
                  vendor: "f5",
                  versions: [
                     {
                        lessThanOrEqual: "r31",
                        status: "affected",
                        version: "r30",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:a:f5:nginx:1.25.0:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "nginx",
                  vendor: "f5",
                  versions: [
                     {
                        lessThanOrEqual: "1.26.0",
                        status: "affected",
                        version: "1.25.0",
                        versionType: "custom",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-31079",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-05-29T18:38:41.360338Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-06-04T17:36:54.175Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T01:46:04.427Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://my.f5.com/manage/s/article/K000139611",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/05/30/4",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unknown",
               modules: [
                  "HTTP/3",
               ],
               product: "NGINX Open Source",
               vendor: "F5",
               versions: [
                  {
                     lessThan: "1.26.1",
                     status: "affected",
                     version: "1.25.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unknown",
               modules: [
                  "HTTP/3",
               ],
               product: "NGINX Plus",
               vendor: "F5",
               versions: [
                  {
                     lessThan: "R32",
                     status: "affected",
                     version: "R30",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "reporter",
               value: "F5 acknowledges Nils Bars of CISPA for bringing this issue to our attention and following the highest standards of coordinated disclosure.",
            },
         ],
         datePublic: "2024-05-29T14:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate or cause&nbsp;other potential impact. This attack requires that a request be specifically timed during the connection draining process, which the attacker has no visibility and limited influence over.",
                  },
               ],
               value: "When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate or cause other potential impact. This attack requires that a request be specifically timed during the connection draining process, which the attacker has no visibility and limited influence over.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 4.8,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "LOW",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-121",
                     description: "CWE-121 Stack-based Buffer Overflow",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-05-29T16:02:04.620Z",
            orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
            shortName: "f5",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://my.f5.com/manage/s/article/K000139611",
            },
            {
               url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/",
            },
            {
               url: "http://www.openwall.com/lists/oss-security/2024/05/30/4",
            },
            {
               url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "NGINX HTTP/3 QUIC vulnerability",
         x_generator: {
            engine: "F5 SIRTBot v1.0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
      assignerShortName: "f5",
      cveId: "CVE-2024-31079",
      datePublished: "2024-05-29T16:02:04.620Z",
      dateReserved: "2024-05-14T16:31:57.492Z",
      dateUpdated: "2024-08-02T01:46:04.427Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-24990
Vulnerability from cvelistv5
Published
2024-02-14 16:30
Modified
2024-08-01 23:36
Summary
When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate. Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more information, refer to Support for QUIC and HTTP/3 https://nginx.org/en/docs/quic.html . Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
Impacted products
Vendor Product Version
F5 NGINX Open Source Version: 1.25.0   
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T23:36:21.362Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://my.f5.com/manage/s/article/K000138445",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/05/30/4",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unknown",
               modules: [
                  "HTTP/3",
                  "QUIC",
               ],
               product: "NGINX Plus",
               vendor: "F5",
               versions: [
                  {
                     lessThan: "R31 P1",
                     status: "affected",
                     version: "R31",
                     versionType: "custom",
                  },
                  {
                     lessThan: "R30 P2",
                     status: "affected",
                     version: "R30",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unknown",
               modules: [
                  "HTTP/3",
                  "QUIC",
               ],
               product: "NGINX Open Source",
               vendor: "F5",
               versions: [
                  {
                     lessThan: "1.25.4",
                     status: "affected",
                     version: "1.25.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "F5",
            },
         ],
         datePublic: "2024-02-14T15:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "\n\n<p>When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate.</p><p><strong>Note</strong>: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more information, refer to <a target=\"_blank\" rel=\"nofollow\" href=\"https://nginx.org/en/docs/quic.html\">Support for QUIC and HTTP/3</a>.</p>\n\n \n\n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated",
                  },
               ],
               value: "\nWhen NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate.\n\nNote: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more information, refer to  Support for QUIC and HTTP/3 https://nginx.org/en/docs/quic.html .\n\n\n\n \n\n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-416",
                     description: "CWE-416 Use After Free",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-02-14T16:30:26.445Z",
            orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
            shortName: "f5",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://my.f5.com/manage/s/article/K000138445",
            },
            {
               url: "http://www.openwall.com/lists/oss-security/2024/05/30/4",
            },
         ],
         source: {
            discovery: "INTERNAL",
         },
         title: "NGINX HTTP/3 QUIC vulnerability",
         x_generator: {
            engine: "F5 SIRTBot v1.0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
      assignerShortName: "f5",
      cveId: "CVE-2024-24990",
      datePublished: "2024-02-14T16:30:26.445Z",
      dateReserved: "2024-02-02T00:32:55.375Z",
      dateUpdated: "2024-08-01T23:36:21.362Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-32760
Vulnerability from cvelistv5
Published
2024-05-29 16:02
Modified
2024-08-02 02:20
Summary
When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 encoder instructions can cause NGINX worker processes to terminate or cause or other potential impact.
Impacted products
Vendor Product Version
F5 NGINX Plus Version: R30   < R32
Show details on NVD website


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:a:f5:nginx_plus:r30:-:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "nginx_plus",
                  vendor: "f5",
                  versions: [
                     {
                        lessThanOrEqual: "r31",
                        status: "affected",
                        version: "r30",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:a:f5:nginx:1.25.0:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "nginx",
                  vendor: "f5",
                  versions: [
                     {
                        lessThanOrEqual: "1.26.0",
                        status: "affected",
                        version: "1.25.0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "fedora",
                  vendor: "fedoraproject",
                  versions: [
                     {
                        status: "affected",
                        version: "39",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "fedora",
                  vendor: "fedoraproject",
                  versions: [
                     {
                        status: "affected",
                        version: "40",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-32760",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-05-29T18:25:43.593460Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-07-31T20:52:45.607Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T02:20:35.272Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://my.f5.com/manage/s/article/K000139609",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/05/30/4",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unknown",
               modules: [
                  "HTTP/3",
               ],
               product: "NGINX Open Source",
               vendor: "F5",
               versions: [
                  {
                     lessThan: "1.26.1",
                     status: "affected",
                     version: "1.25.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unknown",
               modules: [
                  "HTTP/3",
               ],
               product: "NGINX Plus",
               vendor: "F5",
               versions: [
                  {
                     lessThan: "R32",
                     status: "affected",
                     version: "R30",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "reporter",
               value: "F5 acknowledges Nils Bars of CISPA for bringing this issue to our attention and following the highest standards of coordinated disclosure.",
            },
         ],
         datePublic: "2024-05-29T14:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 encoder instructions can cause NGINX worker processes to terminate or cause or other potential impact.",
                  },
               ],
               value: "When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 encoder instructions can cause NGINX worker processes to terminate or cause or other potential impact.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "LOW",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "CWE-787 Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-05-29T16:02:04.985Z",
            orgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
            shortName: "f5",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://my.f5.com/manage/s/article/K000139609",
            },
            {
               url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/",
            },
            {
               url: "http://www.openwall.com/lists/oss-security/2024/05/30/4",
            },
            {
               url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "NGINX HTTP/3 QUIC vulnerability",
         x_generator: {
            engine: "F5 SIRTBot v1.0",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
      assignerShortName: "f5",
      cveId: "CVE-2024-32760",
      datePublished: "2024-05-29T16:02:04.985Z",
      dateReserved: "2024-05-14T16:31:57.498Z",
      dateUpdated: "2024-08-02T02:20:35.272Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}