Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
NGINX HTTP/3 QUIC vulnerability - CVE-2024-34161 - Vulnerability Database
Nginx

NGINX HTTP/3 QUIC vulnerability - CVE-2024-34161

Medium
Reference: CVE-2024-34161
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2024-34161
Title: NGINX HTTP/3 QUIC vulnerability
Overview:

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module and the network infrastructure supports a Maximum Transmission Unit (MTU) of 4096 or greater without fragmentation undisclosed QUIC packets can cause NGINX worker processes to leak previously freed memory.