Lucene search
K

59 matches found

OSV
OSV
added 2026/04/23 5:29 p.m.6 views

CLSA-2026-1776965343 Fix CVE(s): CVE-2022-29404

SECURITY UPDATE: DoS via unbounded request body in modlua - debian/patches/CVE-2022-29404-part1.patch: set APDEFAULTLIMITREQBODY to 1GB in server/core.c, enforce LimitRequestBody in apsetupclientblock in modules/http/httpfilters.c, remove redundant proxy check in modules/proxy/modproxyhttp.c. -...

7.5CVSS7.2AI score0.05678EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.10 views

MiracleLinux 7 : httpd24-httpd-2.4.34-23.el7.5 (AXSA:2022-3871:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3871:03 advisory. httpd: modsed: Read/write beyond bounds CVE-2022-23943 httpd: Request splitting via HTTP/2 method injection and modproxy CVE-2021-33193 httpd: NULL...

9.8CVSS8.5AI score0.99999EPSS
Exploits8References17
Circl
Circl
added 2024/10/15 10:14 a.m.19 views

CVE-2022-29404

creationtimestamp| type| source ---|---|--- 2024-10-15 10:14:15+00:00| seen| Telegram/HfSunJuoYNfbsQCJ20cuXyI7bzH8EMEXzusn30k3vpXeQ 2025-05-13 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-133-01...

7.5CVSS8.2AI score0.05678EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/04/17 12:0 a.m.64 views

Apache 2.4.x < 2.4.54 Multiple Vulnerabilities (mod_lua)

The version of Apache httpd installed on the remote host is prior to 2.4.54. It is, therefore, affected by multiple vulnerabilities as referenced in the 2.4.54 advisory. - Denial of service in modlua r:parsebody: In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that...

7.5CVSS8AI score0.05678EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.67 views

Rocky Linux 8 : httpd:2.4 (RLSA-2022:7647)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:7647 advisory. - A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Serve...

9.8CVSS8AI score0.90407EPSS
Exploits2References21
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/19 4:28 p.m.48 views

Security Bulletin: IBM Rational Build Forge is vulnerable to a denial of service due to the use of Apache HTTP server (CVE-2022-29404).

Summary Apache HTTP server is used by IBM Rational Build Forge. This fix includes Apache Http Server 2.4.54 Vulnerability Details CVEID:CVE-2022-29404 DESCRIPTION: Apache HTTP Server is vulnerable to a denial of service, caused by no default limit on possible input size. By sending a specially...

7.5CVSS8.4AI score0.05678EPSS
Exploits0Affected Software1
OSV
OSV
added 2023/07/10 5:12 p.m.8 views

CLSA-2023-1689009164 Fix CVE(s): CVE-2022-29404

SECURITY UPDATE: modlua may denial of service in r:parsebody0 - debian/patches/CVE-2022-29404.patch: use a liberal default limit for LimitRequestBody of 1GB to prevent a denial of service caused by a malicious lua script request - CVE-2022-29404...

7.5CVSS7.1AI score0.05678EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2023/05/08 12:0 a.m.40 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2023-1737)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.90407EPSS
Exploits1References2
F5 Networks
F5 Networks
added 2023/02/21 6:35 p.m.128 views

K29735525: Apache HTTPD vulnerability CVE-2022-29404

Security Advisory Description In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody0 may cause a denial of service due to no default limit on possible input size. CVE-2022-29404 Impact There is no impact; F5 products are not affected by this...

7.5CVSS8.3AI score0.05678EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 3:26 a.m.4 views

SUSE CVE-2022-29404

In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody0 may cause a denial of service due to no default limit on possible input size...

5.9CVSS8.1AI score0.05678EPSS
Exploits0References10
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/30 5:31 p.m.101 views

Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring included WebSphere Application Server and IBM HTTP Server used by WebSphere Application Server

Summary The following security issues have been identified in the WebSphere Application Server included as part of IBM Tivoli Monitoring ITM portal server. CVEs: CVE-2022-22365, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-26377, CVE-2022-31813, CVE-2022-30556. It also includes Java 8...

9.8CVSS8.1AI score0.19008EPSS
Exploits2Affected Software1
OpenVAS
OpenVAS
added 2022/12/28 12:0 a.m.39 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-2884)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.3AI score0.90407EPSS
Exploits2References2
Oracle linux
Oracle linux
added 2022/11/22 12:0 a.m.79 views

httpd security, bug fix, and enhancement update

2.4.53-7.0.1 - Replace index.html with Oracles index page oracleindex.html. 2.4.53-7 - Resolves: 2094997 - CVE-2022-26377 httpd: modproxyajp: Possible request smuggling - Resolves: 2097032 - CVE-2022-28615 httpd: out-of-bounds read in apstrcmpmatch - Resolves: 2098248 - CVE-2022-31813 httpd:...

9.8CVSS0.2AI score0.90407EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2022/11/19 12:0 a.m.59 views

AlmaLinux 9 : httpd (ALSA-2022:8067)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:8067 advisory. - A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server...

9.8CVSS8AI score0.90407EPSS
Exploits2References11
RedHat Linux
RedHat Linux
added 2022/11/15 9:58 a.m.95 views

Moderate: Red Hat Security Advisory: httpd security, bug fix, and enhancement update

An update for httpd is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

9.8CVSS7.2AI score0.90407EPSS
Exploits2References16
OSV
OSV
added 2022/11/15 6:14 a.m.55 views

RLSA-2022:8067 Moderate: httpd security, bug fix, and enhancement update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. The following packages have been upgraded to a later upstream version: httpd 2.4.53. BZ2079939 Security Fixes: httpd: modsed: Read/write beyond bounds CVE-2022-23943 httpd: modlua: Use of...

8.1CVSS9AI score0.90407EPSS
Exploits2References15
Oracle linux
Oracle linux
added 2022/11/15 12:0 a.m.84 views

httpd:2.4 security update

httpd 2.4.37-51.0.1 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracles index page oracleindex.html 2.4.37-51 - Resolves: 2097015 - CVE-2022-28614 httpd:2.4/httpd: out-of-bounds read via aprwrite - Resolves: 2097031 - CVE-2022-28615 httpd:2.4/httpd:...

9.8CVSS0.5AI score0.90407EPSS
Exploits3
OSV
OSV
added 2022/11/15 12:0 a.m.57 views

ALSA-2022:8067 Moderate: httpd security, bug fix, and enhancement update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. The following packages have been upgraded to a later upstream version: httpd 2.4.53. BZ2079939 Security Fixes: httpd: modsed: Read/write beyond bounds CVE-2022-23943 httpd: modlua: Use of...

9.8CVSS9.1AI score0.90407EPSS
Exploits2References22
AlmaLinux
AlmaLinux
added 2022/11/15 12:0 a.m.92 views

Moderate: httpd security, bug fix, and enhancement update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. The following packages have been upgraded to a later upstream version: httpd 2.4.53. BZ2079939 Security Fixes: httpd: modsed: Read/write beyond bounds CVE-2022-23943 httpd: modlua: Use of...

9.8CVSS8.8AI score0.90407EPSS
Exploits2References22
Tenable Nessus
Tenable Nessus
added 2022/11/14 12:0 a.m.285 views

AlmaLinux 8 : httpd:2.4 (ALSA-2022:7647)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:7647 advisory. httpd: modsed: Read/write beyond bounds CVE-2022-23943 httpd: modlua: Use of uninitialized value of in r:parsebody CVE-2022-22719 httpd: core: Possible...

9.8CVSS8.1AI score0.90407EPSS
Exploits2References11
Rows per page
Query Builder