Lucene search
ApacheCVELIST:CVE-2022-28614HistoryJun 08, 2022 - 10:00 a.m.
CVE-2022-28614 read beyond bounds via ap_rwrite()
2022-06-0810:00:48
CWE-190
CWE-200
apache
www.cve.org
The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function. Modules compiled and distributed separately from Apache HTTP Server that use the ‘ap_rputs’ function and may pass it a very large (INT_MAX or larger) string must be compiled against current headers to resolve the issue.
CNA Affected
[
{
"product": "Apache HTTP Server",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "2.4.53",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]References
www.openwall.com/lists/oss-security/2022/06/08/4
httpd.apache.org/security/vulnerabilities_24.html
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/
security.gentoo.org/glsa/202208-20
security.netapp.com/advisory/ntap-20220624-0005/
Related
cloudlinux
cloudlinux
Fixed CVE-2022-28614 in httpd
2022-09-19 12:52:00
Fixed CVE-2022-28614 in httpd
2022-09-14 16:34:16
alpinelinux
alpinelinux
CVE-2022-28614
2022-06-09 17:15:09
nvd
nvd
CVE-2022-28614
2022-06-09 17:15:09
redhatcve
redhatcve
CVE-2022-28614
2022-06-08 20:01:55
nessus
nessus
F5 Networks BIG-IP : Apache HTTP server vulnerability (K58003591)
2022-07-05 00:00:00
Oracle Linux 6 : httpd (ELSA-2022-9714)
2022-08-17 00:00:00
Apache 2.4.x < 2.4.54 Multiple Vulnerabilities
2022-06-08 00:00:00
httpd
httpd
Apache Httpd < 2.4.54 : read beyond bounds via ap_rwrite()
2022-06-08 00:00:00
ubuntucve
ubuntucve
CVE-2022-28614
2022-06-09 00:00:00
prion
prion
Design/Logic Flaw
2022-06-09 17:15:00
f5
f5
K58003591 : Apache HTTP server vulnerability CVE-2022-28614
2022-07-05 00:00:00
osv
osv
CVE-2022-28614
2022-06-09 17:15:09
BIT-apache-2022-28614
2024-03-06 10:52:51
apache2 vulnerabilities
2022-06-21 13:12:48
ibm
ibm
veracode
veracode
Out-of-Bounds Read
2022-06-13 10:44:31
hackerone
hackerone
Internet Bug Bounty: Read beyond bounds via ap_rwrite() [zhbug_httpd_47.2]
2022-06-08 23:34:50
oraclelinux
oraclelinux
httpd security update
2022-08-17 00:00:00
httpd security, bug fix, and enhancement update
2022-11-22 00:00:00
httpd:2.4 security update
2022-11-15 00:00:00
debiancve
debiancve
CVE-2022-28614
2022-06-09 17:15:09
broadcom
broadcom
cve
cve
CVE-2022-28614
2022-06-09 17:15:09
openvas
openvas
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-2614)
2022-10-28 00:00:00
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-2270)
2022-08-18 00:00:00
Apache HTTP Server < 2.4.54 Multiple Vulnerabilities - Linux
2022-06-10 00:00:00
ubuntu
ubuntu
Apache HTTP Server vulnerabilities
2022-06-21 00:00:00
Apache HTTP Server regression
2022-06-23 00:00:00
Apache HTTP Server regression
2022-06-23 00:00:00
suse
suse
Security update for apache2 (important)
2022-07-06 00:00:00
Security update for apache2 (important)
2022-07-08 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: httpd-2.4.54-1.fc35
2022-07-06 01:54:10
[SECURITY] Fedora 36 Update: httpd-2.4.54-3.fc36
2022-07-01 01:09:46
freebsd
freebsd
Apache httpd -- Multiple vulnerabilities
2022-06-08 00:00:00
amazon
amazon
Medium: httpd24
2022-06-30 23:38:00
Medium: httpd
2022-07-06 03:12:00
altlinux
altlinux
Security fix for the ALT Linux 10 package apache2 version 1:2.4.54-alt1
2022-06-21 00:00:00
Security fix for the ALT Linux 9 package apache2 version 1:2.4.54-alt1
2022-06-19 00:00:00
kaspersky
kaspersky
KLA12554 Multiple vulnerabilities in Apache HTTP Server
2022-06-08 00:00:00
slackware
slackware
[slackware-security] httpd
2022-06-08 19:24:07
redos
redos
ROS-20220628-01
2022-06-28 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2022-0202
2022-06-22 00:00:00
Critical Photon OS Security Update - PHSA-2022-0489
2022-06-22 00:00:00
Critical Photon OS Security Update - PHSA-2022-0409
2022-06-23 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2161
2023-05-03 11:17:19
rocky
rocky
httpd security, bug fix, and enhancement update
2022-11-15 06:14:59
httpd:2.4 security update
2022-11-08 06:25:28
redhat
redhat
(RHSA-2022:7647) Moderate: httpd:2.4 security update
2022-11-08 06:25:28
(RHSA-2022:8067) Moderate: httpd security, bug fix, and enhancement update
2022-11-15 06:14:59
(RHSA-2022:6753) Moderate: httpd24-httpd security and bug fix update
2022-09-29 13:20:41
almalinux
almalinux
Moderate: httpd security, bug fix, and enhancement update
2022-11-15 00:00:00
Moderate: httpd:2.4 security update
2022-11-08 00:00:00
gentoo
gentoo
Apache HTTPD: Multiple Vulnerabilities
2022-08-14 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2023
2023-01-17 00:00:00
Oracle Critical Patch Update Advisory - October 2022
2022-10-18 00:00:00
Oracle Critical Patch Update Advisory - April 2023
2023-04-18 00:00:00