CVE-2024-32760

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published May 29, 2024

Updated: Jun 10, 2024

CWE ID 787

Summary

CVE-2024-32760 is a newly discovered vulnerability affecting NGINX Plus and Open Source (NGINX OSS) when using the HTTP/3 QUIC module. The issue arises from undisclosed HTTP/3 encoder instructions that can lead NGINX worker processes to terminate or cause other potential impacts. This vulnerability poses a risk to websites and applications utilizing NGINX servers with the HTTP/3 QUIC module enabled. Further details, including exploit methods and potential mitigations, have not been disclosed at this time.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

F5 Networks

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/wLDMXV
https://www.cve.org/CVERecord?id=CVE-2024-32760
https://nvd.nist.gov/vuln/detail/CVE-2024-32760

Back to Vulnerability Database

CVE-2024-32760

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations