PT-2022-5265 · Nginx · Nginx

Published

2022-10-21

Updated

2026-04-01

CVE-2022-3638

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions nginx (affected versions not specified)

Description The issue is related to errors in memory release in the ngx resolver.c component of the nginx HTTP server. Exploitation of this issue may allow a remote attacker to cause a denial of service. The problem affects some unknown processing of the file ngx resolver.c of the component IPv4 Off Handler, leading to a memory leak. The attack may be initiated remotely.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Resource Release

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-404CWE-401

Related Identifiers

BDU:2022-06549

CLEANSTART-2026-BA37192

CLEANSTART-2026-MQ02912

CLEANSTART-2026-XB16901

CLEANSTART-2026-ZN32454

CLEANSTART-2026-ZT77083

CVE-2022-3638

Affected Products

Nginx

PT-2022-5265 · Nginx · Nginx

CVE-2022-3638

Weakness Enumeration

Related Identifiers

Affected Products

References · 62