RHSA-2018:3681-01 -- Redhat rh-nginx114-nginxID: oval:org.secpod.oval:def:505096 | Date: (C)2021-01-29 (M)2022-08-24 |
Class: PATCH | Family: unix |
nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. The following packages have been upgraded to a later upstream version: rh-nginx114-nginx . Security Fix: * nginx: Denial of service and memory disclosure via mp4 module * nginx: Excessive memory consumption via flaw in HTTP/2 implementation * nginx: Excessive CPU usage via flaw in HTTP/2 implementation For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed in the References section. Red Hat would like to thank the Nginx project for reporting these issues.
Platform: |
Red Hat Enterprise Linux 7 |
Product: |
rh-nginx114-nginx |