Test Kennung:	1.3.6.1.4.1.25623.1.0.126185
Kategorie:	Web Servers
Titel:	Nginx Multiple Vulnerabilities (Oct 2022)
Zusammenfassung:	Nginx is prone to multiple vulnerabilities.
Beschreibung:	Summary: Nginx is prone to multiple vulnerabilities. Vulnerability Insight: The following vulnerabilities exist: - CVE-2022-41741: Attacker can cause a worker process crash or worker process memory corruption by using a specially crafted mp4 file. - CVE-2022-41742: Attacker can cause a worker process crash or worker process memory disclosure by using a specially crafted mp4 file. Affected Software/OS: Nginx versions 1.0.7 and later, 1.1.3 and later. Note: The issues only affect nginx if it is built with the ngx_http_mp4_module which is not built by default, and the mp4 directive is used in the configuration file. Solution: Update to version 1.22.1, 1.23.2 or later. CVSS Score: 6.8 CVSS Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2022-41741 Debian Security Information: DSA-5281 (Google Search) https://www.debian.org/security/2022/dsa-5281 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/ https://support.f5.com/csp/article/K81926432 https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html Common Vulnerability Exposure (CVE) ID: CVE-2022-41742 https://support.f5.com/csp/article/K28112382
Copyright	Copyright (C) 2022 Greenbone Networks GmbH

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.