VDB
CVE-2022-41743
CVE-2022-41743
PUBLISHED
CVSS 8.699999809265137 HIGH
NGINX Plus ist die kommerzielle Variante von NGINX, einer Webserver-, Reverse Proxy- und E-Mail Proxy Software. NGINX ist eine Webserver-, Reverse Proxy- und E-Mail-Proxy Software.
EPSS 0.08% · 24.5th percentile
Risk Scores
CVSS 4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.08%
24.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| NGINX | NGINX NGINX Open Source <1.23.2 (mainline) | |
| Oracle | Oracle Linux | |
| NGINX | NGINX NGINX Plus <R26 P1 | |
| Amazon | Amazon Linux 2 | |
| NGINX | NGINX NGINX Plus <R27 P1 | |
| SUSE | SUSE Linux | |
| NGINX | NGINX NGINX Open Source Subscription <R2 P1 | |
| NGINX | NGINX NGINX Open Source Subscription <R1 P1 | |
| NGINX | NGINX NGINX Ingress Controller <2.4.1 | |
| Red Hat | Red Hat Enterprise Linux | |
| Ubuntu | Ubuntu Linux | |
| Debian | Debian Linux | |
| NGINX | NGINX NGINX Open Source <1.22.1 (stable) | |
| NGINX | NGINX NGINX Ingress Controller <1.12.5 |
Exploit Intelligence
Timeline
- Oct 19, 2022 CVE Published
- Oct 22, 2022 EPSS Score
- Dec 5, 2022 EPSS Score
- Jan 17, 2023 EPSS Score
- Mar 2, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 15, 2023 EPSS Score
- May 28, 2023 EPSS Score
- Jul 11, 2023 EPSS Score
- Aug 24, 2023 EPSS Score
- Oct 6, 2023 EPSS Score
- Nov 19, 2023 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1803.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1803 advisory
- https://www.nginx.com/blog/updating-nginx-for-vulnerabilities-in-the-mp4-and-hls-video-streaming-modules/ advisory
- https://support.f5.com/csp/article/K81926432 advisory
- https://support.f5.com/csp/article/K28112382 advisory
- https://support.f5.com/csp/article/K01112063 advisory
- https://ubuntu.com/security/notices/USN-5722-1 advisory
- https://lists.debian.org/debian-security-announce/2022/msg00251.html advisory
- https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html advisory
- https://alas.aws.amazon.com/ALAS-2023-1665.html advisory
- https://alas.aws.amazon.com/AL2022/ALAS-2023-270.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-January/013565.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-January/013593.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-January/013597.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-February/013644.html advisory
- https://alas.aws.amazon.com/AL2/ALASNGINX1-2023-001.html advisory
- https://access.redhat.com/errata/RHSA-2025:7546 advisory
- https://access.redhat.com/errata/RHSA-2025:7402 advisory
- https://access.redhat.com/errata/RHSA-2025:7619 advisory
- https://linux.oracle.com/errata/ELSA-2025-7402.html advisory
…and 1 more