{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-35200", "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", "state": "PUBLISHED", "assignerShortName": "f5", "dateReserved": "2024-05-14T16:31:57.502Z", "datePublished": "2024-05-29T16:02:05.342Z", "dateUpdated": "2025-02-13T17:52:32.647Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unknown", "modules": ["HTTP/3"], "product": "NGINX Open Source", "vendor": "F5", "versions": [{"lessThan": "1.26.1", "status": "affected", "version": "1.25.0", "versionType": "custom"}]}, {"defaultStatus": "unknown", "modules": ["HTTP/3"], "product": "NGINX Plus", "vendor": "F5", "versions": [{"lessThan": "R32", "status": "affected", "version": "R30", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "reporter", "value": "F5 acknowledges Nils Bars of CISPA for bringing this issue to our attention and following the highest standards of coordinated disclosure."}], "datePublic": "2024-05-29T14:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate."}], "value": "When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", "shortName": "f5", "dateUpdated": "2024-06-10T16:07:54.200Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://my.f5.com/manage/s/article/K000139612"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/"}, {"url": "http://www.openwall.com/lists/oss-security/2024/05/30/4"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/"}], "source": {"discovery": "EXTERNAL"}, "title": "NGINX HTTP/3 QUIC vulnerability", "x_generator": {"engine": "F5 SIRTBot v1.0"}}, "adp": [{"affected": [{"vendor": "f5", "product": "nginx_plus", "cpes": ["cpe:2.3:a:f5:nginx_plus:r30:-:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "r30", "status": "affected", "lessThanOrEqual": "r31", "versionType": "custom"}]}, {"vendor": "f5", "product": "nginx", "cpes": ["cpe:2.3:a:f5:nginx:1.25.0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "1.25.0", "status": "affected", "lessThanOrEqual": "1.26.0", "versionType": "custom"}]}, {"vendor": "fedoraproject", "product": "fedora", "cpes": ["cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "39", "status": "affected"}]}, {"vendor": "fedoraproject", "product": "fedora", "cpes": ["cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "40", "status": "affected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-05-29T18:35:12.047696Z", "id": "CVE-2024-35200", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-31T20:51:58.724Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:07:46.774Z"}, "title": "CVE Program Container", "references": [{"tags": ["vendor-advisory", "x_transferred"], "url": "https://my.f5.com/manage/s/article/K000139612"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/05/30/4", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://my.f5.com/manage/s/article/K000139612", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/05/30/4", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:07:46.774Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-35200", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-29T18:35:12.047696Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:f5:nginx_plus:r30:-:*:*:*:*:*:*"], "vendor": "f5", "product": "nginx_plus", "versions": [{"status": "affected", "version": "r30", "versionType": "custom", "lessThanOrEqual": "r31"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:f5:nginx:1.25.0:*:*:*:*:*:*:*"], "vendor": "f5", "product": "nginx", "versions": [{"status": "affected", "version": "1.25.0", "versionType": "custom", "lessThanOrEqual": "1.26.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*"], "vendor": "fedoraproject", "product": "fedora", "versions": [{"status": "affected", "version": "39"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*"], "vendor": "fedoraproject", "product": "fedora", "versions": [{"status": "affected", "version": "40"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-29T18:34:58.099Z"}}], "cna": {"title": "NGINX HTTP/3 QUIC vulnerability", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "reporter", "value": "F5 acknowledges Nils Bars of CISPA for bringing this issue to our attention and following the highest standards of coordinated disclosure."}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "F5", "modules": ["HTTP/3"], "product": "NGINX Open Source", "versions": [{"status": "affected", "version": "1.25.0", "lessThan": "1.26.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "F5", "modules": ["HTTP/3"], "product": "NGINX Plus", "versions": [{"status": "affected", "version": "R30", "lessThan": "R32", "versionType": "custom"}], "defaultStatus": "unknown"}], "datePublic": "2024-05-29T14:00:00.000Z", "references": [{"url": "https://my.f5.com/manage/s/article/K000139612", "tags": ["vendor-advisory"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/"}, {"url": "http://www.openwall.com/lists/oss-security/2024/05/30/4"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/"}], "x_generator": {"engine": "F5 SIRTBot v1.0"}, "descriptions": [{"lang": "en", "value": "When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate.", "supportingMedia": [{"type": "text/html", "value": "When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference"}]}], "providerMetadata": {"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", "shortName": "f5", "dateUpdated": "2024-06-10T16:07:54.200Z"}}}, "cveMetadata": {"cveId": "CVE-2024-35200", "state": "PUBLISHED", "dateUpdated": "2025-02-13T17:52:32.647Z", "dateReserved": "2024-05-14T16:31:57.502Z", "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", "datePublished": "2024-05-29T16:02:05.342Z", "assignerShortName": "f5"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:nginx_open_source:*:*:*:*:*:*:*:*", "matchCriteriaId": "CA79B55D-E494-4961-81C6-80363BE46FE0", "versionEndExcluding": "1.26.1", "versionStartIncluding": "1.25.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:nginx_plus:r30:-:*:*:*:*:*:*", "matchCriteriaId": "96BF2B19-52C7-4051-BA58-CAE6F912B72F", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:nginx_plus:r30:p1:*:*:*:*:*:*", "matchCriteriaId": "4EBEC829-7EED-487E-974D-BBA704DFBF0A", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:nginx_plus:r30:p2:*:*:*:*:*:*", "matchCriteriaId": "D0648596-D1F5-4A7A-B7F8-104E3AF26317", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:nginx_plus:r31:-:*:*:*:*:*:*", "matchCriteriaId": "8248517E-D805-4928-8252-2168472341EF", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:nginx_plus:r31:p1:*:*:*:*:*:*", "matchCriteriaId": "9D5BB4C0-B862-4CDD-AA54-1BC1BDF27005", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*", "matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate."}, {"lang": "es", "value": "Cuando NGINX Plus o NGINX OSS est\u00e1n configurados para usar el m\u00f3dulo HTTP/3 QUIC, las solicitudes HTTP/3 no reveladas pueden hacer que los procesos de trabajo de NGINX finalicen."}], "id": "CVE-2024-35200", "lastModified": "2025-01-24T16:15:15.340", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "f5sirt@f5.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-05-29T16:15:10.497", "references": [{"source": "f5sirt@f5.com", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2024/05/30/4"}, {"source": "f5sirt@f5.com", "tags": ["Third Party Advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/"}, {"source": "f5sirt@f5.com", "tags": ["Third Party Advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/"}, {"source": "f5sirt@f5.com", "tags": ["Vendor Advisory"], "url": "https://my.f5.com/manage/s/article/K000139612"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2024/05/30/4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://my.f5.com/manage/s/article/K000139612"}], "sourceIdentifier": "f5sirt@f5.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "f5sirt@f5.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "nginx: undisclosed HTTP/3 requests can cause NGINX worker processes to terminate", "id": "2283919", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283919"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-476", "details": ["When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate.", "A flaw was found in the nginx HTTP/3 implementation. This issue may allow an attacker using a specially crafted QUIC session to trigger a NULL pointer dereference error, causing worker processes to crash and lead to a denial of service."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-35200", "package_state": [{"cpe": "cpe:/a:redhat:ansible_automation_platform", "fix_state": "Not affected", "package_name": "nginx", "product_name": "Red Hat Ansible Automation Platform 1.2"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "nginx:1.22/nginx", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "nginx:1.24/nginx", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "nginx", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "nginx:1.22/nginx", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "nginx:1.24/nginx", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:3", "fix_state": "Not affected", "package_name": "rh-nginx118-nginx", "product_name": "Red Hat Software Collections"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:3", "fix_state": "Not affected", "package_name": "rh-nginx120-nginx", "product_name": "Red Hat Software Collections"}], "public_date": "2024-05-29T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-35200\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-35200\nhttps://my.f5.com/manage/s/article/K000139612"], "statement": "As this flaw allows a remote attacker to cause a denial of service, it has been rated with an important severity.\nThe nginx package as shipped in Red Hat Enterprise Linux 8, 9 and RHSCL is not affected by this vulnerability because the support for HTTP/3 is not enabled and the vulnerable code was introduced in a later version of nginx.", "threat_severity": "Important", "upstream_fix": "nginx 1.26.1, nginx 1.27.0"}