NGINX Security Update (MINDBREEZE37716)

ID: MINDBREEZE37716 
Affected Components: Mindbreeze InSpire, Mindbreeze InSpire SaaS 
Severity: 4.7 Medium 
Status: Final 
First published: December 12, 2025 
CVEs: CVE-2024-7347, CVE-2025-23419 

Summary 

• nginx: over-read vulnerability in ngx_http_mp4_module
• nginx: TLS-Session ticket re-use 

Hotfix Information 

Fixed with following versions of Mindbreeze InSpire On-Premises or Mindbreeze InSpire SaaS: 

• Mindbreeze InSpire 25.7 Release
• Mindbreeze InSpire SaaS 25.7 Release