When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 encoder instructions can cause NGINX worker processes to terminate or cause or other potential impact.
Hi,
This was on the nginx-announce list yesterday:
mailmannginxorg/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6html
---
[nginx-announce] nginx security advisory (CVE-2024-31079, CVE-2024-32760, CVE-2024-34161, CVE-2024-35200)
Sergey Kandaurov pluknet at nginxcom
Wed May 29 15:12:07 UTC 2024
Hello!
Four security is ...