F5 Networks Nginx Plus
Recent F5 Networks Nginx Plus Security Advisories
| Advisory | Title | Published |
|---|---|---|
| K12331123 | NGINX Plus and Open Source vulnerability CVE-2021-23017 | May 25, 2021 |
By the Year
In 2024 there have been 0 vulnerabilities in F5 Networks Nginx Plus . Last year Nginx Plus had 1 security vulnerability published. Right now, Nginx Plus is on track to have less security vulnerabilities in 2024 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 1 | 7.50 |
| 2022 | 1 | 7.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Nginx Plus vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent F5 Networks Nginx Plus Security Vulnerabilities
The HTTP/2 protocol
CVE-2023-44487
7.5 - High
- October 10, 2023
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Resource Exhaustion
NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_hls_module
CVE-2022-41743
7 - High
- October 19, 2022
NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_hls_module that might allow a local attacker to corrupt NGINX worker memory, resulting in its crash or potential other impact using a specially crafted audio or video file. The issue affects only NGINX Plus when the hls directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_hls_module.
Memory Corruption
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for F5 Networks Nginx Ingress Controller or by F5 Networks? Click the Watch button to subscribe.
