CVE-2022-41741
Vulnerability from cvelistv5
Published
2022-10-19 21:20
Modified
2024-09-17 04:20
Severity ?
EPSS score ?
Summary
NGINX ngx_http_mp4_module vulnerability CVE-2022-41741
References
Impacted products
▼ | Vendor | Product |
---|---|---|
F5 | NGINX | |
F5 | NGINX Plus | |
F5 | NGINX Open Source Subscription |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:49:43.730Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://support.f5.com/csp/article/K81926432" }, { "name": "FEDORA-2022-b0f5bc2175", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/" }, { "name": "FEDORA-2022-97de53f202", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/" }, { "name": "FEDORA-2022-12721789aa", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/" }, { "name": "DSA-5281", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5281" }, { "name": "[debian-lts-announce] 20221122 [SECURITY] [DLA 3203-1] nginx security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230120-0005/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "NGINX", "vendor": "F5", "versions": [ { "lessThan": "1.23.2", "status": "affected", "version": "Mainline", "versionType": "custom" }, { "lessThan": "1.22.1", "status": "affected", "version": "Stable", "versionType": "custom" } ] }, { "product": "NGINX Plus", "vendor": "F5", "versions": [ { "lessThan": "R27-p1", "status": "affected", "version": "R27", "versionType": "custom" }, { "lessThan": "R26-p1", "status": "affected", "version": "R1", "versionType": "custom" } ] }, { "product": "NGINX Open Source Subscription", "vendor": "F5", "versions": [ { "lessThan": "R2 P1", "status": "affected", "version": "R2", "versionType": "custom" }, { "lessThan": "R1 P1", "status": "affected", "version": "R1", "versionType": "custom" } ] } ], "datePublic": "2022-10-19T00:00:00", "descriptions": [ { "lang": "en", "value": "NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to corrupt NGINX worker memory, resulting in its termination or potential other impact using a specially crafted audio or video file. The issue affects only NGINX products that are built with the ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-20T00:00:00", "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", "shortName": "f5" }, "references": [ { "url": "https://support.f5.com/csp/article/K81926432" }, { "name": "FEDORA-2022-b0f5bc2175", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/" }, { "name": "FEDORA-2022-97de53f202", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/" }, { "name": "FEDORA-2022-12721789aa", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/" }, { "name": "DSA-5281", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5281" }, { "name": "[debian-lts-announce] 20221122 [SECURITY] [DLA 3203-1] nginx security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html" }, { "url": "https://security.netapp.com/advisory/ntap-20230120-0005/" } ], "source": { "defect": [ "NWA-1396" ], "discovery": "EXTERNAL" }, "title": "NGINX ngx_http_mp4_module vulnerability CVE-2022-41741", "x_generator": { "engine": "Vulnogram 0.0.9" } } }, "cveMetadata": { "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", "assignerShortName": "f5", "cveId": "CVE-2022-41741", "datePublished": "2022-10-19T21:20:24.882506Z", "dateReserved": "2022-09-28T00:00:00", "dateUpdated": "2024-09-17T04:20:48.625Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2022-41741\",\"sourceIdentifier\":\"f5sirt@f5.com\",\"published\":\"2022-10-19T22:15:12.647\",\"lastModified\":\"2023-11-07T03:52:58.060\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to corrupt NGINX worker memory, resulting in its termination or potential other impact using a specially crafted audio or video file. The issue affects only NGINX products that are built with the ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module.\"},{\"lang\":\"es\",\"value\":\"NGINX Open Source versiones anteriores a 1.23.2 y 1.22.1, NGINX Open Source Subscription versiones anteriores a R2 P1 y R1 P1, y NGINX Plus anteriores a R27 P1 y R26 P1, presentan una vulnerabilidad en el m\u00f3dulo ngx_http_mp4_module que podr\u00eda permitir a un atacante local corromper la memoria del trabajador de NGINX, resultando en su terminaci\u00f3n o cualquier otro impacto potencial usando un archivo de audio o v\u00eddeo especialmente dise\u00f1ado. El problema afecta s\u00f3lo a productos NGINX que son construidos con el m\u00f3dulo ngx_http_mp4_, cuando es usada la directiva mp4 en el archivo de configuraci\u00f3n. Adem\u00e1s, el ataque s\u00f3lo es posible si un atacante puede desencadenar el procesamiento de un archivo de audio o v\u00eddeo especialmente dise\u00f1ado con el m\u00f3dulo ngx_http_mp4_module\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9},{\"source\":\"f5sirt@f5.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.0,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]},{\"source\":\"f5sirt@f5.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx:*:*:*:*:open_source:*:*:*\",\"versionStartIncluding\":\"1.1.3\",\"versionEndIncluding\":\"1.22.0\",\"matchCriteriaId\":\"37C2C47D-5B99-4A7F-8EE8-4E5988BA7CB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx:*:*:*:*:plus:*:*:*\",\"versionStartIncluding\":\"r22\",\"versionEndIncluding\":\"r27\",\"matchCriteriaId\":\"B1966323-7D3A-4102-AAB8-C007745BB766\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx:1.23.0:*:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"34B07066-845C-45AA-9F0E-576B10EF02EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx:1.23.1:*:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"8FC6884B-0C16-4ACF-8264-4AC34B9167CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx:r1:*:*:*:open_source_subscription:*:*:*\",\"matchCriteriaId\":\"666D5C24-4F5A-44D9-B22C-6F0C46164B82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx:r2:*:*:*:open_source_subscription:*:*:*\",\"matchCriteriaId\":\"0EF2AA63-F4C2-476D-BDAE-2D4F63C74867\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.9.0\",\"versionEndIncluding\":\"1.12.4\",\"matchCriteriaId\":\"D4106C27-B217-4601-98E7-88067B60CE98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.0.0\",\"versionEndIncluding\":\"2.4.0\",\"matchCriteriaId\":\"0CEF860F-EF1E-4AAC-9122-F3A4A1510196\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80E516C0-98A4-4ADE-B69F-66A772E2BAAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E30D0E6F-4AE8-4284-8716-991DFA48CC5D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA6FEEC2-9F11-4643-8827-749718254FED\"}]}]}],\"references\":[{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html\",\"source\":\"f5sirt@f5.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/\",\"source\":\"f5sirt@f5.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/\",\"source\":\"f5sirt@f5.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/\",\"source\":\"f5sirt@f5.com\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20230120-0005/\",\"source\":\"f5sirt@f5.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.f5.com/csp/article/K81926432\",\"source\":\"f5sirt@f5.com\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://www.debian.org/security/2022/dsa-5281\",\"source\":\"f5sirt@f5.com\",\"tags\":[\"Third Party Advisory\"]}]}}" } }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.