Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2024-24989

Опубликовано: 14 фев. 2024
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 7.5

Описание

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate. Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more information, refer to Support for QUIC and HTTP/3 https://nginx.org/en/docs/quic.html . NOTE: Software versions which have reached End of Technical Support (EoTS) are not evaluated

РелизСтатусПримечание
bionic

ignored

end of standard support
devel

not-affected

code not present
esm-infra-legacy/trusty

not-affected

code not present
esm-infra/bionic

not-affected

code not present
esm-infra/focal

not-affected

code not present
esm-infra/xenial

not-affected

code not present
focal

not-affected

code not present
jammy

not-affected

code not present
mantic

not-affected

code not present
noble

not-affected

code not present

Показывать по

Ссылки на источники

EPSS

Процентиль: 67%
0.00558
Низкий

7.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2024-24989

CVSS3: 7.5
redhat
больше 1 года назад

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate. Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more information, refer to Support for QUIC and HTTP/3 https://nginx.org/en/docs/quic.html . NOTE: Software versions which have reached End of Technical Support (EoTS) are not evaluated

nvd логотип

CVE-2024-24989

CVSS3: 7.5
nvd
больше 1 года назад

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate. Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more information, refer to Support for QUIC and HTTP/3 https://nginx.org/en/docs/quic.html . NOTE: Software versions which have reached End of Technical Support (EoTS) are not evaluated

debian логотип

CVE-2024-24989

CVSS3: 7.5
debian
больше 1 года назад

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC mod ...

github логотип

GHSA-m46h-9pv9-w5xp

CVSS3: 7.5
github
больше 1 года назад

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate. Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more information, refer to Support for QUIC and HTTP/3 https://nginx.org/en/docs/quic.html . NOTE: Software versions which have reached End of Technical Support (EoTS) are not evaluated

fstec логотип

BDU:2024-01321

CVSS3: 7.5
fstec
больше 1 года назад

Уязвимость модуля HTTP/3 QUIC веб-серверов NGINX Plus, NGINX OSS, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 67%
0.00558
Низкий

7.5 High

CVSS3