6 matches found
Astra Linux – Vulnerability in Apache2
Apache HTTP Server 2.4.53 and earlier may return incorrect lengths when applications call r:wsread, causing the buffer to point beyond the allocated storage space...
httpd: mod_lua: Information disclosure with websockets
A flaw was found in the modlua module of httpd. The data returned by the wsread function may point past the end of the storage allocated for the buffer, resulting in information disclosure...
Vulnerability of the r:wsread() function in the mod_lua module of the Apache HTTP Server, which allows an attacker to gain unauthorized access to protected information
The vulnerability of the r:wsread function in the modlua module of the Apache HTTP Server is related to insufficient protection of service data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
CLSA-2022-1656429967 Fixed CVEs in httpd-39.module_el8.4.0+2061+54659116.1.tuxcare.centos8.4-els: CVE-2022-28615, CVE-2022-31813, CVE-2022-30556, CVE-2022-26377, CVE-2022-30522
CVE-2022-30522: modsed: limit memory usage - CVE-2022-26377: modproxyajp: fix HTTP request smuggling - CVE-2022-28615: fix possible out-of-bounds read in apstrcmpmatch - CVE-2022-30556: modlua: fix r:wsread to not return length that point past the end of the storage allocated for the buffer -...
DEBIAN-CVE-2022-30556
Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread that point past the end of the storage allocated for the buffer...
UBUNTU-CVE-2022-30556
Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread that point past the end of the storage allocated for the buffer...