CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
AI Score
Confidence
Low
Vulnerability of HTTP/3 QUIC module (ngx_http_v3_module) of NGINX Plus and NGINX OSS web servers is related to
null pointer dereferencing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service.
remotely to cause a denial of service using specially crafted HTTP/3 requests
Vulnerability in the HTTP/3 QUIC module (ngx_http_v3_module) of NGINX Plus and NGINX OSS web servers is related to the
memory usage after it is freed. Exploitation of the vulnerability could allow an attacker,
acting remotely, to gain unauthorized access to protected information by using specially
HTTP/3 requests
Vulnerabilities Vulnerability of HTTP/3 QUIC module (ngx_http_v3_module) of NGINX Plus and NGINX OSS web servers
is related to a stack-based buffer overflow. Exploitation of the vulnerability could allow an attacker acting
remotely to cause a denial of service using specially crafted HTTP/3 requests