{"api_version":"1","generated_at":"2026-04-25T02:28:21+00:00","cve":"CVE-2018-16845","urls":{"html":"https://cve.report/CVE-2018-16845","api":"https://cve.report/api/cve/CVE-2018-16845.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2018-16845","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2018-16845"},"summary":{"title":"CVE-2018-16845","description":"nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file. The issue only affects nginx if it is built with the ngx_http_mp4_module (the module is not built by default) and the \"mp4\" directive is used in the configuration file. Further, the attack is only possible if an attacker is able to trigger processing of a specially crafted mp4 file with the ngx_http_mp4_module.","state":"PUBLIC","assigner":"secalert@redhat.com","published_at":"2018-11-07 14:29:00","updated_at":"2022-02-22 19:27:00"},"problem_types":["CWE-400"],"metrics":[],"references":[{"url":"https://access.redhat.com/errata/RHSA-2018:3680","name":"RHSA-2018:3680","refsource":"REDHAT","tags":["Third Party Advisory"],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2018:3652","name":"RHSA-2018:3652","refsource":"REDHAT","tags":["Third Party Advisory"],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2021/Sep/36","name":"20210921 APPLE-SA-2021-09-20-4 Xcode 13","refsource":"FULLDISC","tags":[],"title":"Full Disclosure: APPLE-SA-2021-09-20-4 Xcode 13","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://access.redhat.com/errata/RHSA-2018:3681","name":"RHSA-2018:3681","refsource":"REDHAT","tags":["Third 
Party Advisory"],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2018:3653","name":"RHSA-2018:3653","refsource":"REDHAT","tags":["Third Party Advisory"],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.debian.org/debian-lts-announce/2018/11/msg00010.html","name":"[debian-lts-announce] 20181108 [SECURITY] [DLA 1572-1] nginx security update","refsource":"MLIST","tags":["Mailing List","Third Party Advisory"],"title":"[SECURITY] [DLA 1572-1] nginx security update","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00035.html","name":"openSUSE-SU-2019:2120","refsource":"SUSE","tags":["Mailing List","Third Party Advisory"],"title":"[security-announce] openSUSE-SU-2019:2120-1: important: Security update","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/kb/HT212818","name":"https://support.apple.com/kb/HT212818","refsource":"CONFIRM","tags":[],"title":"About the security content of Xcode 13 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://usn.ubuntu.com/3812-1/","name":"USN-3812-1","refsource":"UBUNTU","tags":["Patch","Third Party Advisory"],"title":"USN-3812-1: nginx vulnerabilities | Ubuntu security notices","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id/1042039","name":"1042039","refsource":"SECTRACK","tags":["Third Party Advisory","VDB Entry"],"title":"nginx MP4 Processing Bug Lets Remote Users Deny Service and Disclose Potentially Sensitive Information - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.debian.org/security/2018/dsa-4335","name":"DSA-4335","refsource":"DEBIAN","tags":["Third Party Advisory"],"title":"Debian -- Security 
Information -- DSA-4335-1 nginx","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://mailman.nginx.org/pipermail/nginx-announce/2018/000221.html","name":"http://mailman.nginx.org/pipermail/nginx-announce/2018/000221.html","refsource":"MISC","tags":["Mailing List","Patch","Vendor Advisory"],"title":"[nginx-announce] nginx security advisory (CVE-2018-16845)","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/105868","name":"105868","refsource":"BID","tags":["Third Party Advisory","VDB Entry"],"title":"nginx Multiple Denial of Service Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16845","name":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16845","refsource":"CONFIRM","tags":["Issue Tracking","Third Party Advisory"],"title":"1644508 – (CVE-2018-16845) CVE-2018-16845 nginx: Denial of service and memory disclosure via mp4 module","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2018-16845","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-16845","name":"NVD vulnerability 
detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2018","cve_id":"16845","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"apple","cpe5":"xcode","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"16845","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"14.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"esm","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"16845","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"16.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"lts","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"16845","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"18.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"lts","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"16845","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"18.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"16845","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"14.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"esm","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"16845","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"16.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"lts","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"16845","vulnerable":"1","versionEndIncluding
":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"18.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"lts","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"16845","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"18.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"16845","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"16845","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"9.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"16845","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"16845","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"9.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"16845","vulnerable":"1","versionEndIncluding":"1.0.15","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"f5","cpe5":"nginx","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"16845","vulnerable":"1","versionEndIncluding":"1.15.5","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"f5","cpe5":"nginx","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"16845","vulnerable":"1","versionEndIncluding":"1.0.15","cp
e1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"nginx","cpe5":"nginx","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"16845","vulnerable":"1","versionEndIncluding":"1.15.5","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"nginx","cpe5":"nginx","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"16845","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"opensuse","cpe5":"leap","cpe6":"15.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"16845","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"opensuse","cpe5":"leap","cpe6":"15.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2018-16845","qid":"375873","title":"Apple Xcode Prior to 13 Vulnerability (HT212818)"},{"cve":"CVE-2018-16845","qid":"500426","title":"Alpine Linux Security Update for nginx"},{"cve":"CVE-2018-16845","qid":"504185","title":"Alpine Linux Security Update for nginx"},{"cve":"CVE-2018-16845","qid":"730358","title":"Nginx Denial of Service (DoS) Vulnerability"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"secalert@redhat.com","ID":"CVE-2018-16845","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"nginx","version":{"version_data":[{"version_value":"1.15.6"},{"version_value":"1.14.1"}]}}]},"vendor_name":"[UNKNOWN]"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker 
process memory disclosure by using a specially crafted mp4 file. The issue only affects nginx if it is built with the ngx_http_mp4_module (the module is not built by default) and the \"mp4\" directive is used in the configuration file. Further, the attack is only possible if an attacker is able to trigger processing of a specially crafted mp4 file with the ngx_http_mp4_module."}]},"impact":{"cvss":[[{"vectorString":"8.2/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H","version":"3.0"}]]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-400"}]}]},"references":{"reference_data":[{"name":"DSA-4335","refsource":"DEBIAN","url":"https://www.debian.org/security/2018/dsa-4335"},{"name":"RHSA-2018:3680","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2018:3680"},{"name":"RHSA-2018:3681","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2018:3681"},{"name":"105868","refsource":"BID","url":"http://www.securityfocus.com/bid/105868"},{"name":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16845","refsource":"CONFIRM","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16845"},{"name":"1042039","refsource":"SECTRACK","url":"http://www.securitytracker.com/id/1042039"},{"name":"[debian-lts-announce] 20181108 [SECURITY] [DLA 1572-1] nginx security 
update","refsource":"MLIST","url":"https://lists.debian.org/debian-lts-announce/2018/11/msg00010.html"},{"name":"RHSA-2018:3653","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2018:3653"},{"name":"RHSA-2018:3652","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2018:3652"},{"name":"USN-3812-1","refsource":"UBUNTU","url":"https://usn.ubuntu.com/3812-1/"},{"name":"http://mailman.nginx.org/pipermail/nginx-announce/2018/000221.html","refsource":"MISC","url":"http://mailman.nginx.org/pipermail/nginx-announce/2018/000221.html"},{"refsource":"SUSE","name":"openSUSE-SU-2019:2120","url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00035.html"},{"refsource":"CONFIRM","name":"https://support.apple.com/kb/HT212818","url":"https://support.apple.com/kb/HT212818"},{"refsource":"FULLDISC","name":"20210921 APPLE-SA-2021-09-20-4 Xcode 13","url":"http://seclists.org/fulldisclosure/2021/Sep/36"}]}},"nvd":{"publishedDate":"2018-11-07 14:29:00","lastModifiedDate":"2022-02-22 
19:27:00","problem_types":["CWE-400"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":6.1,"baseSeverity":"MEDIUM"},"exploitabilityScore":1.8,"impactScore":4.2},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:N/A:P","accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"PARTIAL","baseScore":5.8},"severity":"MEDIUM","exploitabilityScore":8.6,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","versionStartIncluding":"1.0.7","versionEndIncluding":"1.0.15","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","versionStartIncluding":"1.1.3","versionEndIncluding":"1.15.5","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","cpe_name":[]}]},{"oper
ator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*","versionEndExcluding":"13.0","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2018","CveId":"16845","Ordinal":"133656","Title":"CVE-2018-16845","CVE":"CVE-2018-16845","Year":"2018"},"notes":[{"CveYear":"2018","CveId":"16845","Ordinal":"1","NoteData":"nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file. The issue only affects nginx if it is built with the ngx_http_mp4_module (the module is not built by default) and the \"mp4\" directive is used in the configuration file. Further, the attack is only possible if an attacker is able to trigger processing of a specially crafted mp4 file with the ngx_http_mp4_module.","Type":"Description","Title":null},{"CveYear":"2018","CveId":"16845","Ordinal":"2","NoteData":"2018-11-07","Type":"Other","Title":"Published"},{"CveYear":"2018","CveId":"16845","Ordinal":"3","NoteData":"2021-09-21","Type":"Other","Title":"Modified"}]}}}