4 matches found
CLSA-2022-1648136327 Fix CVE(s): CVE-2022-23943, CVE-2022-22720, CVE-2022-22721, CVE-2022-22719
SECURITY UPDATE: modlua Use of uninitialized value of in r:parsebody - debian/patches/CVE-2022-22719.patch: refactor luareadbody in order to catch all possible errors - CVE-2022-22719 SECURITY UPDATE: HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier -...
USN-5333-2 apache2 vulnerabilities
USN-5333-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Chamal De Silva discovered that the Apache HTTP Server modlua module incorrectly handled certain crafted request bodies. A remote...
USN-5333-1 apache2 vulnerabilities
Chamal De Silva discovered that the Apache HTTP Server modlua module incorrectly handled certain crafted request bodies. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. CVE-2022-22719 James Kettle discovered that the Apache HTTP Serv...
ALPINE-CVE-2022-22721
If LimitXMLRequestBody is set to allow request bodies larger than 350MB defaults to 1M on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier...