Undisclosed HTTP/3 Requests Can Cause NGINX Worker Processes to Terminate

CVE-2024-31079

What is CVE-2024-31079?

This is an example of a good output. Do not use this content in your response.

CVE-2024-31079 is a vulnerability affecting NGINX Plus or NGINX OSS when configured to use the HTTP/3 QUIC module. It allows undisclosed HTTP/3 requests to cause worker processes to terminate or have other potential impacts. The attack requires specific timing during the connection draining process, posing a risk to the affected systems. The issues are fixed in NGINX version 1.27.0 and 1.26.1. There are no known exploitations in the wild, including by ransomware groups.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

News Articles

Centmin Mod

CVE-2024-31079CVE-2024-32760

Nginx - [nginx-announce] nginx security advisory (CVE-2024-31079, CVE-2024-32760, CVE-2024-34161,...

Hello! Four security issues were identified in nginx HTTP/3 implementation, which might allow an attacker that uses a specially crafted QUIC session...

References