FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

nginx -- Two vulnerabilities

Affected packages
1.0.7 <= nginx < 1.22.1
1.1.3 <= nginx-devel < 1.23.2


VuXML ID 676d4f16-4fb3-11ed-a374-8c164567ca3c
Discovery 2022-10-19
Entry 2022-10-19

NGINX Development Team reports:

Two security issues were identified in the ngx_http_mp4_module, which might allow an attacker to cause a worker process crash or worker process memory disclosure by using a specially crafted mp4 file, or might have potential other impact (CVE-2022-41741, CVE-2022-41742).


CVE Name CVE-2022-41741
CVE Name CVE-2022-41742