Vulnerabilities > F5 > Nginx Open Source > High

DATE CVE VULNERABILITY TITLE RISK
2024-02-14 CVE-2024-24989 NULL Pointer Dereference vulnerability in F5 Nginx Open Source and Nginx Plus
When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate. Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental.
network
low complexity
f5 CWE-476
7.5
7.5
2024-02-14 CVE-2024-24990 Use After Free vulnerability in F5 Nginx Open Source and Nginx Plus
When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate. Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental.
network
low complexity
f5 CWE-416
7.5
7.5