K000139628: Out-of-band Security Notification (May 29, 2024)

Security Advisory Description On May 29, 2024, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities to help determine the impact to your F5 devices. You can find the details of each issue in the associated articles. You can watch the May 2024 Out-of-band Security Notification (OoBSN) briefing by DevCentral in the following video: Medium CVEs Article (CVE)| CVSS score| Affected products| Affected versions1| Fixes introduced in —|—|—|—|— K000139609: NGINX HTTP/3 QUIC vulnerability CVE-2024-32760| 6.5| NGINX Plus| R30 – R31| R32 NGINX Open Source| 1.25.0 – 1.26.0| 1.27.0 K000139627: NGINX HTTP/3 QUIC vulnerability CVE-2024-34161| 5.3| NGINX Plus| R30 – R31| R32 NGINX Open Source| 1.25.0 – 1.26.0| 1.27.0 K000139612: NGINX HTTP/3 QUIC vulnerability CVE-2024-35200| 5.3| NGINX Plus| R30 – R31| R32 NGINX Open Source| 1.25.0 – 1.26.0| 1.27.0 K000139611: NGINX HTTP/3 QUIC vulnerability CVE-2024-31079| 4.8| NGINX Plus| R30 – R31| R32 NGINX Open Source| 1.25.0 – 1.26.0| 1.27.0 1F5 evaluates only software versions that have not yet reached the End of Technical Support (EoTS) phase of their…Read More