Vulnerability-Lookup

alsa-2025:7402

Vulnerability from osv_almalinux

Published

2025-05-13 00:00

Modified

2025-05-21 06:08

Summary

Moderate: nginx security update

Details

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage.

Security Fix(es):

nginx: Memory corruption in the ngx_http_mp4_module (CVE-2022-41741)
nginx: Memory disclosure in the ngx_http_mp4_module (CVE-2022-41742)
nginx: specially crafted MP4 file may cause denial of service (CVE-2024-7347)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

URL

Type

	https://access.redhat.com/errata/RHSA-2025:7402	ADVISORY
	https://access.redhat.com/security/cve/CVE-2022-41741	REPORT
	https://access.redhat.com/security/cve/CVE-2022-41742	REPORT
	https://access.redhat.com/security/cve/CVE-2024-7347	REPORT
	https://bugzilla.redhat.com/2141495	REPORT
	https://bugzilla.redhat.com/2141496	REPORT
	https://errata.almalinux.org/9/ALSA-2025-7402.html	ADVISORY

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "nginx"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2:1.20.1-22.el9_6.2.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "nginx-all-modules"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2:1.20.1-22.el9_6.2.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "nginx-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2:1.20.1-22.el9_6.2.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "nginx-filesystem"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2:1.20.1-22.el9_6.2.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "nginx-mod-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2:1.20.1-22.el9_6.2.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "nginx-mod-http-image-filter"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2:1.20.1-22.el9_6.2.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "nginx-mod-http-perl"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2:1.20.1-22.el9_6.2.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "nginx-mod-http-xslt-filter"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2:1.20.1-22.el9_6.2.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "nginx-mod-mail"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2:1.20.1-22.el9_6.2.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "nginx-mod-stream"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2:1.20.1-22.el9_6.2.alma.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage.   \n\nSecurity Fix(es):  \n\n  * nginx: Memory corruption in the ngx_http_mp4_module (CVE-2022-41741)\n  * nginx: Memory disclosure in the ngx_http_mp4_module (CVE-2022-41742)\n  * nginx: specially crafted MP4 file may cause denial of service (CVE-2024-7347)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
  "id": "ALSA-2025:7402",
  "modified": "2025-05-21T06:08:36Z",
  "published": "2025-05-13T00:00:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2025:7402"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-41741"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-41742"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2024-7347"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2141495"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2141496"
    },
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/9/ALSA-2025-7402.html"
    }
  ],
  "related": [
    "CVE-2022-41741",
    "CVE-2022-41742",
    "CVE-2024-7347"
  ],
  "summary": "Moderate: nginx security update"
}

CVE-2022-41742 (GCVE-0-2022-41742)

Vulnerability from cvelistv5 – Published: 2022-10-19 21:20 – Updated: 2025-05-08 18:11

Title

NGINX ngx_http_mp4_module vulnerability CVE-2022-41742

Summary

NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products that are built with the module ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module.

Severity ?

7.1 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CWE

CWE-787 - Out-of-bounds Write

Assigner

References

URL

Tags

	https://support.f5.com/csp/article/K28112382
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://www.debian.org/security/2022/dsa-5281	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2022…	mailing-list
	https://security.netapp.com/advisory/ntap-2023012…

Impacted products

Vendor

Product

Version

NGINX

Affected: Mainline , < 1.23.2 (custom)
Affected: Stable , < 1.22.1 (custom)

	F5	NGINX Plus	Affected: R27 , < R27-p1 (custom) Affected: R1 , < R26-p1 (custom)
	F5	NGINX Open Source Subscription	Affected: R2 , < R2 P1 (custom) Affected: R1 , < R1 P1 (custom)

Date Public ?

2022-10-19 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T12:49:44.037Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K28112382"
          },
          {
            "name": "FEDORA-2022-b0f5bc2175",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/"
          },
          {
            "name": "FEDORA-2022-97de53f202",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/"
          },
          {
            "name": "FEDORA-2022-12721789aa",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/"
          },
          {
            "name": "DSA-5281",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2022/dsa-5281"
          },
          {
            "name": "[debian-lts-announce] 20221122 [SECURITY] [DLA 3203-1] nginx security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20230120-0005/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-41742",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-08T18:11:21.947795Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-08T18:11:30.671Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "NGINX",
          "vendor": "F5",
          "versions": [
            {
              "lessThan": "1.23.2",
              "status": "affected",
              "version": "Mainline",
              "versionType": "custom"
            },
            {
              "lessThan": "1.22.1",
              "status": "affected",
              "version": "Stable",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "NGINX Plus",
          "vendor": "F5",
          "versions": [
            {
              "lessThan": "R27-p1",
              "status": "affected",
              "version": "R27",
              "versionType": "custom"
            },
            {
              "lessThan": "R26-p1",
              "status": "affected",
              "version": "R1",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "NGINX Open Source Subscription",
          "vendor": "F5",
          "versions": [
            {
              "lessThan": "R2 P1",
              "status": "affected",
              "version": "R2",
              "versionType": "custom"
            },
            {
              "lessThan": "R1 P1",
              "status": "affected",
              "version": "R1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2022-10-19T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products that are built with the module ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-01-20T00:00:00.000Z",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "url": "https://support.f5.com/csp/article/K28112382"
        },
        {
          "name": "FEDORA-2022-b0f5bc2175",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/"
        },
        {
          "name": "FEDORA-2022-97de53f202",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/"
        },
        {
          "name": "FEDORA-2022-12721789aa",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/"
        },
        {
          "name": "DSA-5281",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2022/dsa-5281"
        },
        {
          "name": "[debian-lts-announce] 20221122 [SECURITY] [DLA 3203-1] nginx security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20230120-0005/"
        }
      ],
      "source": {
        "defect": [
          "NWA-1396"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "NGINX ngx_http_mp4_module vulnerability CVE-2022-41742",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2022-41742",
    "datePublished": "2022-10-19T21:20:50.106Z",
    "dateReserved": "2022-09-28T00:00:00.000Z",
    "dateUpdated": "2025-05-08T18:11:30.671Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-41741 (GCVE-0-2022-41741)

Vulnerability from cvelistv5 – Published: 2022-10-19 21:20 – Updated: 2025-05-08 18:12

Title

NGINX ngx_http_mp4_module vulnerability CVE-2022-41741

Summary

NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to corrupt NGINX worker memory, resulting in its termination or potential other impact using a specially crafted audio or video file. The issue affects only NGINX products that are built with the ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module.

Severity ?

7 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-787 - Out-of-bounds Write

Assigner

References

URL

Tags

	https://support.f5.com/csp/article/K81926432
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://www.debian.org/security/2022/dsa-5281	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2022…	mailing-list
	https://security.netapp.com/advisory/ntap-2023012…

Impacted products

Vendor

Product

Version

NGINX

Affected: Mainline , < 1.23.2 (custom)
Affected: Stable , < 1.22.1 (custom)

	F5	NGINX Plus	Affected: R27 , < R27-p1 (custom) Affected: R1 , < R26-p1 (custom)
	F5	NGINX Open Source Subscription	Affected: R2 , < R2 P1 (custom) Affected: R1 , < R1 P1 (custom)

Date Public ?

2022-10-19 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T12:49:43.730Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K81926432"
          },
          {
            "name": "FEDORA-2022-b0f5bc2175",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/"
          },
          {
            "name": "FEDORA-2022-97de53f202",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/"
          },
          {
            "name": "FEDORA-2022-12721789aa",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/"
          },
          {
            "name": "DSA-5281",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2022/dsa-5281"
          },
          {
            "name": "[debian-lts-announce] 20221122 [SECURITY] [DLA 3203-1] nginx security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20230120-0005/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-41741",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-08T18:12:04.179522Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-08T18:12:10.565Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "NGINX",
          "vendor": "F5",
          "versions": [
            {
              "lessThan": "1.23.2",
              "status": "affected",
              "version": "Mainline",
              "versionType": "custom"
            },
            {
              "lessThan": "1.22.1",
              "status": "affected",
              "version": "Stable",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "NGINX Plus",
          "vendor": "F5",
          "versions": [
            {
              "lessThan": "R27-p1",
              "status": "affected",
              "version": "R27",
              "versionType": "custom"
            },
            {
              "lessThan": "R26-p1",
              "status": "affected",
              "version": "R1",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "NGINX Open Source Subscription",
          "vendor": "F5",
          "versions": [
            {
              "lessThan": "R2 P1",
              "status": "affected",
              "version": "R2",
              "versionType": "custom"
            },
            {
              "lessThan": "R1 P1",
              "status": "affected",
              "version": "R1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2022-10-19T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to corrupt NGINX worker memory, resulting in its termination or potential other impact using a specially crafted audio or video file. The issue affects only NGINX products that are built with the ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-01-20T00:00:00.000Z",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "url": "https://support.f5.com/csp/article/K81926432"
        },
        {
          "name": "FEDORA-2022-b0f5bc2175",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/"
        },
        {
          "name": "FEDORA-2022-97de53f202",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/"
        },
        {
          "name": "FEDORA-2022-12721789aa",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/"
        },
        {
          "name": "DSA-5281",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2022/dsa-5281"
        },
        {
          "name": "[debian-lts-announce] 20221122 [SECURITY] [DLA 3203-1] nginx security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20230120-0005/"
        }
      ],
      "source": {
        "defect": [
          "NWA-1396"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "NGINX ngx_http_mp4_module vulnerability CVE-2022-41741",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2022-41741",
    "datePublished": "2022-10-19T21:20:24.882Z",
    "dateReserved": "2022-09-28T00:00:00.000Z",
    "dateUpdated": "2025-05-08T18:12:10.565Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-7347 (GCVE-0-2024-7347)

Vulnerability from cvelistv5 – Published: 2024-08-14 14:32 – Updated: 2025-11-03 20:56

Title

NGINX MP4 module vulnerability

Summary

NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is built with the ngx_http_mp4_module and the mp4 directive is used in the configuration file. Additionally, the attack is possible only if an attacker can trigger the processing of a specially crafted mp4 file with the ngx_http_mp4_module. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Severity ?

4.7 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

5.7 (Medium)


                        
                          CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

CWE

CWE-126 - Buffer Over-read

Assigner

References

URL

Tags

https://my.f5.com/manage/s/article/K000140529

vendor-advisory

Impacted products

Vendor

Product

Version

NGINX Open Source

Affected: 1.5.13 , < * (semver)

NGINX Plus

Affected: R4 , < * (custom)

Date Public ?

2024-08-14 14:00

Credits

F5 acknowledges Nils Bars for bringing this issue to our attention and following the highest standards of coordinated disclosure.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-7347",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-14T15:27:31.795805Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-14T15:27:40.461Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T20:56:24.679Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2024/08/14/4"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00017.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "modules": [
            "ngx_http_mp4_module"
          ],
          "product": "NGINX Open Source",
          "vendor": "F5",
          "versions": [
            {
              "changes": [
                {
                  "at": "1.26.2",
                  "status": "unaffected"
                },
                {
                  "at": "1.27.1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "*",
              "status": "affected",
              "version": "1.5.13",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "modules": [
            "ngx_http_m4_module"
          ],
          "product": "NGINX Plus",
          "vendor": "F5",
          "versions": [
            {
              "changes": [
                {
                  "at": "R31 P3",
                  "status": "unaffected"
                },
                {
                  "at": "R32 P1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "*",
              "status": "affected",
              "version": "R4",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "F5 acknowledges Nils Bars for bringing this issue to our attention and following the highest standards of coordinated disclosure."
        }
      ],
      "datePublic": "2024-08-14T14:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is built with the ngx_http_mp4_module and the mp4 directive is used in the configuration file. Additionally, the attack is possible only if an attacker can trigger the processing of a specially crafted mp4 file with the ngx_http_mp4_module.\u003c/span\u003e\u0026nbsp; Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
            }
          ],
          "value": "NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is built with the ngx_http_mp4_module and the mp4 directive is used in the configuration file. Additionally, the attack is possible only if an attacker can trigger the processing of a specially crafted mp4 file with the ngx_http_mp4_module.\u00a0 Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "PRESENT",
            "attackVector": "LOCAL",
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "CWE-126: Buffer Over-read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-14T15:08:07.257Z",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://my.f5.com/manage/s/article/K000140529"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "NGINX MP4 module vulnerability",
      "x_generator": {
        "engine": "F5 SIRTBot v1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2024-7347",
    "datePublished": "2024-08-14T14:32:33.913Z",
    "dateReserved": "2024-07-31T17:59:09.786Z",
    "dateUpdated": "2025-11-03T20:56:24.679Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

alsa-2025:7402

Vulnerability from osv_almalinux

CVE-2022-41742 (GCVE-0-2022-41742)

CVE-2022-41741 (GCVE-0-2022-41741)

CVE-2024-7347 (GCVE-0-2024-7347)

Tags

Sightings

Nomenclature