CPE-528CF120-6096-4753-9047-4CBCB6CD1C6F Detail

CPE Details

F5 NGINX Plus R30

Vendor

Product

nginx_plus

Version

r30

Created

2023-10-18
13h52 +00:00

Modified

2023-10-18
13h52 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:f5:nginx_plus:r30:-::::::

Informations

Vendor

Product

nginx_plus

Version

r30

Update

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2024-7347	2024-08-14 14h32 +00:00	NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is built with the ngx_http_mp4_module and the mp4 directive is used in the configuration file. Additionally, the attack is possible only if an attacker can trigger the processing of a specially crafted mp4 file with the ngx_http_mp4_module. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.	5.7	Medium
CVE-2024-39792	2024-08-14 14h32 +00:00	When the NGINX Plus is configured to use the MQTT pre-read module, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.	8.7	High
CVE-2024-34161	2024-05-29 16h02 +00:00	When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module and the network infrastructure supports a Maximum Transmission Unit (MTU) of 4096 or greater without fragmentation, undisclosed QUIC packets can cause NGINX worker processes to leak previously freed memory.	5.3	Medium
CVE-2024-35200	2024-05-29 16h02 +00:00	When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate.	5.3	Medium
CVE-2024-32760	2024-05-29 16h02 +00:00	When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 encoder instructions can cause NGINX worker processes to terminate or cause or other potential impact.	6.5	Medium
CVE-2024-31079	2024-05-29 16h02 +00:00	When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate or cause other potential impact. This attack requires that a request be specifically timed during the connection draining process, which the attacker has no visibility and limited influence over.	4.8	Medium
CVE-2024-24990	2024-02-14 16h30 +00:00	When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate. Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more information, refer to Support for QUIC and HTTP/3 https://nginx.org/en/docs/quic.html . Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated	7.5	High
CVE-2023-44487	2023-10-10 00h00 +00:00	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.	7.5	High

F5 NGINX Plus R30

CPE Details

CPE Name: cpe:2.3:a:f5:nginx_plus:r30:-:*:*:*:*:*:*

Informations

Vendor

Product

Version

Update

Related CVE

CPE Name: cpe:2.3:a:f5:nginx_plus:r30:-::::::