# 2.3.1 release notes




July 21, 2022

NGINX Instance Manager 2.3.1 release notes
## Upgrade Paths {#2-3-1-upgrade-paths}

NGINX Instance Manager 2.3.1 supports upgrades from these previous versions:

- 2.0.0 - 2.3.0

If your NGINX Instance Manager version is older, you may need to upgrade to an intermediate version before upgrading to the target version.

## Security updates{#2-3-1-security-updates}

**important:** 
For the protection of our customers, NGINX doesn’t disclose security issues until an investigation has occurred and a fix is available.

This release includes the following security updates:

- [icon: resolved] **Instance Manager vulnerability CVE-2022-35241**<a name="2-3-1-security-updates-Instance-Manager-vulnerability-CVE-2022-35241-34814"></a>

   In versions of 2.x before 2.3.1 and all versions of 1.x, when Instance Manager is in use, undisclosed requests can cause an increase in disk resource utilization.

   This issue has been classified as [CWE-400: Uncontrolled Resource Consumption](https://cwe.mitre.org/data/definitions/400.html).

   For more information, refer to the AskF5 article [K37080719](https://support.f5.com/csp/article/K37080719).

## Known issues {#2-3-1-known-issues}

You can find information about known issues in the [Known Issues](/nim/releases/known-issues.md) topic.