DSA-5281-1 nginx -- nginxID: oval:org.secpod.oval:def:85958 | Date: (C)2022-12-07 (M)2023-03-29 |
Class: PATCH | Family: unix |
It was discovered that parsing errors in the mp4 module of Nginx, a high-performance web and reverse proxy server, could result in denial of service, memory disclosure or potentially the execution of arbitrary code when processing a malformed mp4 file. This module is only enabled in the nginx-extras binary package.
Product: |
libnginx-mod-stream |
libnginx-mod-http-upstream-fair |
libnginx-mod-http-xslt-filter |
libnginx-mod-http-subs-filter |
libnginx-mod-http-lua |
libnginx-mod-mail |
libnginx-mod-http-image-filter |
libnginx-mod-http-auth-pam |
libnginx-mod-http-perl |
libnginx-mod-http-echo |
libnginx-mod-http-dav-ext |
libnginx-mod-nchan |
libnginx-mod-http-ndk |
libnginx-mod-http-fancyindex |
libnginx-mod-http-uploadprogress |
libnginx-mod-http-cache-purge |
libnginx-mod-http-headers-more-filter |
nginx |
libnginx-mod-http-geoip |
libnginx-mod-rtmp |