FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

nginx -- Two vulnerabilities

Affected packages
1.0.7 <= nginx < 1.22.1
1.1.3 <= nginx-devel < 1.23.2

Details

VuXML ID 676d4f16-4fb3-11ed-a374-8c164567ca3c
Discovery 2022-10-19
Entry 2022-10-19

NGINX Development Team reports:

Two security issues were identified in the ngx_http_mp4_module, which might allow an attacker to cause a worker process crash or worker process memory disclosure by using a specially crafted mp4 file, or might have potential other impact (CVE-2022-41741, CVE-2022-41742).

[source]

References

CVE Name CVE-2022-41741
CVE Name CVE-2022-41742
URL https://mailman.nginx.org/archives/list/nginx@nginx.org/thread/F7TMIHDNNU3M52GYS23UWDWW2R2BLVVH/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.