SUSE CVE-2022-28614

🗓️ 15 Feb 2023 03:26:31Reported by Suse CVEType

susecve

susecve🔗 www.suse.com👁 3 Views

Apache web server before 2.4.53 may read memory from large input via ap_rwrite or ap_rputs; modules must recompile.

Reporter	Title	Published	Views	Family All 211
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM HTTP Server used by IBM WebSphere Application Server	25 Jul 202215:18	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Netcool Configuration Manager.	26 Sep 202218:30	–	ibm
IBM Security Bulletins	WebSphere Application Server and IBM HTTP Server Security Bulletin List	13 Jul 202218:04	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security SiteProtector System is affected by multiple Apache HTTP Server Vulnerabilities	8 Aug 202208:16	–	ibm
IBM Security Bulletins	Security Bulletin: IBM HTTP Server (powered by Apache) for IBM i is vulnerable to bypass security restrictions and obtain sensitive information due to multiple vulnerabilities.	28 Jul 202217:56	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Aspera Orchestrator affected by an Apache HTTP Server vulnerability (CVE-2022-28614)	2 Feb 202321:26	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities affect IBM Cloud Pak System.	9 Oct 202417:08	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use Mapping Assistance may be vulnerable to loss of confidentiality due to CVE-2022-28614	7 Nov 202211:20	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring included WebSphere Application Server and IBM HTTP Server used by WebSphere Application Server	30 Dec 202217:31	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM HTTP Server used by WebSphere Application Server shipped with IBM Security Access Manager for Enterprise Single Sign-On	28 Jul 202203:39	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
SUSE Linux Enterprise Server	11.3	any	apache2	2.2.34-70.44.1	apache2-2.2.34-70.44.1.noarch.rpm
SUSE Linux Enterprise Server	12.2	any	apache2	2.4.23-29.91.1	apache2-2.4.23-29.91.1.noarch.rpm
SUSE Linux Enterprise Server	12.3	any	apache2	2.4.23-29.91.1	apache2-2.4.23-29.91.1.noarch.rpm
SUSE Linux Enterprise Server	12.4	any	apache2	2.4.23-29.91.1	apache2-2.4.23-29.91.1.noarch.rpm
SUSE Linux Enterprise Server for SAP applications	12.3	any	apache2	2.4.23-29.91.1	apache2-2.4.23-29.91.1.noarch.rpm
SUSE Linux Enterprise Server for SAP applications	12.4	any	apache2	2.4.23-29.91.1	apache2-2.4.23-29.91.1.noarch.rpm
SUSE Linux Enterprise Server	15	any	apache2	2.4.33-150000.3.69.1	apache2-2.4.33-150000.3.69.1.noarch.rpm
SUSE Linux Enterprise Server	15.1	any	apache2	2.4.33-150000.3.69.1	apache2-2.4.33-150000.3.69.1.noarch.rpm
SUSE Linux Enterprise Server for SAP applications	15	any	apache2	2.4.33-150000.3.69.1	apache2-2.4.33-150000.3.69.1.noarch.rpm
SUSE Linux Enterprise Server for SAP applications	15.1	any	apache2	2.4.33-150000.3.69.1	apache2-2.4.33-150000.3.69.1.noarch.rpm

Source	Link
suse	www.suse.com/security/cve/CVE-2022-28614
suse	www.suse.com/support/security/rating/
bugzilla	www.bugzilla.suse.com/1200340
lists	www.lists.suse.com/pipermail/sle-security-updates/2022-September/012196.html
lists	www.lists.suse.com/pipermail/sle-security-updates/2022-June/011297.html
lists	www.lists.suse.com/pipermail/sle-security-updates/2022-June/011298.html
lists	www.lists.suse.com/pipermail/sle-security-updates/2022-July/011423.html
lists	www.lists.suse.com/pipermail/sle-security-updates/2022-July/011487.html
lists	www.lists.suse.com/pipermail/sle-security-updates/2022-July/011488.html

06 Jun 2026 05:44Current

8.7High risk

Vulners AI Score8.7

CVSS 3.15.9

EPSS0.04428

Apache web server memory read large input ap_rwrite ap_rputs recompile modules security vulnerability