Vulnerabilities > F5 > Nginx Instance Manager
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-06 | CVE-2024-10318 | Session Fixation vulnerability in F5 products A session fixation issue was discovered in the NGINX OpenID Connect reference implementation, where a nonce was not checked at login time. | 5.4 |
| 2024-08-22 | CVE-2024-7634 | Path Traversal vulnerability in F5 Nginx Agent and Nginx Instance Manager NGINX Agent's "config_dirs" restriction feature allows a highly privileged attacker to gain the ability to write/overwrite files outside of the designated secure directory. | 4.9 |
| 2022-08-04 | CVE-2022-35241 | Unspecified vulnerability in F5 Nginx Instance Manager In versions 2.x before 2.3.1 and all versions of 1.x, when NGINX Instance Manager is in use, undisclosed requests can cause an increase in disk resource utilization. | 6.5 |