When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 encoder instructions can cause NGINX worker processes to terminate or cause or other potential impact.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Thu, 13 Feb 2025 18:15:00 +0000

Type Values Removed Values Added
First Time appeared F5 nginx
CPEs cpe:2.3:a:f5:nginx:1.25.0:*:*:*:*:*:*:*
Vendors & Products F5 nginx
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 24 Jan 2025 16:45:00 +0000

Type Values Removed Values Added
First Time appeared F5
F5 nginx Open Source
F5 nginx Plus
Fedoraproject
Fedoraproject fedora
CPEs cpe:2.3:a:f5:nginx_open_source:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:nginx_plus:r30:-:*:*:*:*:*:*
cpe:2.3:a:f5:nginx_plus:r30:p1:*:*:*:*:*:*
cpe:2.3:a:f5:nginx_plus:r30:p2:*:*:*:*:*:*
cpe:2.3:a:f5:nginx_plus:r31:-:*:*:*:*:*:*
cpe:2.3:a:f5:nginx_plus:r31:p1:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*
Vendors & Products F5
F5 nginx Open Source
F5 nginx Plus
Fedoraproject
Fedoraproject fedora

cve-icon MITRE

Status: PUBLISHED

Assigner: f5

Published:

Updated: 2025-02-13T17:52:17.693Z

Reserved: 2024-05-14T16:31:57.498Z

Link: CVE-2024-32760

cve-icon Vulnrichment

Updated: 2024-08-02T02:20:35.272Z

cve-icon NVD

Status : Analyzed

Published: 2024-05-29T16:15:10.043

Modified: 2025-01-24T16:21:55.993

Link: CVE-2024-32760

cve-icon Redhat

Severity : Important

Publid Date: 2024-05-29T00:00:00Z

Links: CVE-2024-32760 - Bugzilla

cve-icon OpenCVE Enrichment

No data.