Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
f5 nginx vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-43285
Nginx NJS v0.7.4 exists to contain a segmentation violation in njs_promise_reaction_job. NOTE: the vendor disputes the significance of this report because NJS does not operate on untrusted input.
F5 Njs 0.7.4
NA
CVE-2022-43286
Nginx NJS v0.7.2 exists to contain a heap-use-after-free bug caused by illegal memory copy in the function njs_json_parse_iterator_call at njs_json.c.
F5 Njs 0.7.2
NA
CVE-2022-41743
NGINX Plus prior to R27 P1 and R26 P1 have a vulnerability in the module ngx_http_hls_module that might allow a local malicious user to corrupt NGINX worker memory, resulting in its crash or potential other impact using a specially crafted audio or video file. The issue affects o...
F5 Nginx Plus
F5 Nginx Ingress Controller
NA
CVE-2022-41741
NGINX Open Source prior to 1.23.2 and 1.22.1, NGINX Open Source Subscription prior to R2 P1 and R1 P1, and NGINX Plus prior to R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local malicious user to corrupt NGINX worker memory, resultin...
F5 Nginx Ingress Controller
F5 Nginx
F5 Nginx 1.23.1
F5 Nginx 1.23.0
F5 Nginx R2
F5 Nginx R1
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Debian Debian Linux 10.0
Debian Debian Linux 11.0
1 Github repository
NA
CVE-2022-41742
NGINX Open Source prior to 1.23.2 and 1.22.1, NGINX Open Source Subscription prior to R2 P1 and R1 P1, and NGINX Plus prior to R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local malicious user to cause a worker process crash, or migh...
F5 Nginx Ingress Controller
F5 Nginx
F5 Nginx 1.23.1
F5 Nginx 1.23.0
F5 Nginx R2
F5 Nginx R1
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Debian Debian Linux 10.0
Debian Debian Linux 11.0
NA
CVE-2022-38890
Nginx NJS v0.7.7 exists to contain a segmentation violation via njs_utf8_next at src/njs_utf8.h
F5 Njs 0.7.7
NA
CVE-2022-35241
In versions 2.x prior to 2.3.1 and all versions of 1.x, when NGINX Instance Manager is in use, undisclosed requests can cause an increase in disk resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
F5 Nginx Instance Manager
NA
CVE-2022-30535
In versions 2.x prior to 2.3.0 and all versions of 1.x, An attacker authorized to create or update ingress objects can obtain the secrets available to the NGINX Ingress Controller. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
F5 Nginx Ingress Controller
NA
CVE-2022-34027
Nginx NJS v0.7.4 exists to contain a segmentation violation via njs_value_property at njs_value.c.
F5 Njs 0.7.4
NA
CVE-2022-34028
Nginx NJS v0.7.5 exists to contain a segmentation violation via njs_utf8_next at src/njs_utf8.h.
F5 Njs 0.7.5
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »