SUSE CVE-2022-28615

🗓️ 15 Feb 2023 03:26:31Reported by Suse CVEType

susecve

susecve🔗 www.suse.com👁 1 Views

CVE-2022-28615: Apache HTTP Server may crash or leak data via read bounds in ap_strcmp_match.

Reporter	Title	Published	Views	Family All 215
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM HTTP Server used by IBM WebSphere Application Server	25 Jul 202215:18	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Netcool Configuration Manager.	26 Sep 202218:30	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Aspera Faspex 4.4.2 PL2 has addressed multiple vulnerabilities (CVE-2022-28330, CVE-2023-22868, CVE-2022-30556, CVE-2022-31813, CVE-2022-30522, CVE-2022-47986, CVE-2022-28615, CVE-2022-26377, CVE-2018-25032, CVE-2022-2068)	12 Nov 202402:31	–	ibm
IBM Security Bulletins	WebSphere Application Server and IBM HTTP Server Security Bulletin List	13 Jul 202218:04	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security SiteProtector System is affected by multiple Apache HTTP Server Vulnerabilities	8 Aug 202208:16	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Aspera Orchestrator affected by vulnerability (CVE-2022-28615)	7 Feb 202320:45	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Maximo Application Suite - IoT Component uses "Apache httpd 2.4" which is vulnerable to multiple CVEs	21 Mar 202506:40	–	ibm
IBM Security Bulletins	Security Bulletin: IBM HTTP Server (powered by Apache) for IBM i is vulnerable to bypass security restrictions and obtain sensitive information due to multiple vulnerabilities.	28 Jul 202217:56	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities affect IBM Cloud Pak System.	9 Oct 202417:08	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring included WebSphere Application Server and IBM HTTP Server used by WebSphere Application Server	30 Dec 202217:31	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
SUSE Linux Enterprise Server	11.3	any	apache2	2.2.34-70.44.1	apache2-2.2.34-70.44.1.noarch.rpm
SUSE Linux Enterprise Server	12.2	any	apache2	2.4.23-29.91.1	apache2-2.4.23-29.91.1.noarch.rpm
SUSE Linux Enterprise Server	12.3	any	apache2	2.4.23-29.91.1	apache2-2.4.23-29.91.1.noarch.rpm
SUSE Linux Enterprise Server	12.4	any	apache2	2.4.23-29.91.1	apache2-2.4.23-29.91.1.noarch.rpm
SUSE Linux Enterprise Server for SAP applications	12.3	any	apache2	2.4.23-29.91.1	apache2-2.4.23-29.91.1.noarch.rpm
SUSE Linux Enterprise Server for SAP applications	12.4	any	apache2	2.4.23-29.91.1	apache2-2.4.23-29.91.1.noarch.rpm
SUSE Linux Enterprise Server	15	any	apache2	2.4.33-150000.3.69.1	apache2-2.4.33-150000.3.69.1.noarch.rpm
SUSE Linux Enterprise Server	15.1	any	apache2	2.4.33-150000.3.69.1	apache2-2.4.33-150000.3.69.1.noarch.rpm
SUSE Linux Enterprise Server for SAP applications	15	any	apache2	2.4.33-150000.3.69.1	apache2-2.4.33-150000.3.69.1.noarch.rpm
SUSE Linux Enterprise Server for SAP applications	15.1	any	apache2	2.4.33-150000.3.69.1	apache2-2.4.33-150000.3.69.1.noarch.rpm

Source	Link
suse	www.suse.com/security/cve/CVE-2022-28615
suse	www.suse.com/support/security/rating/
bugzilla	www.bugzilla.suse.com/1200341
lists	www.lists.suse.com/pipermail/sle-security-updates/2022-September/012196.html
lists	www.lists.suse.com/pipermail/sle-security-updates/2022-June/011297.html
lists	www.lists.suse.com/pipermail/sle-security-updates/2022-June/011298.html
lists	www.lists.suse.com/pipermail/sle-security-updates/2022-July/011423.html
lists	www.lists.suse.com/pipermail/sle-security-updates/2022-July/011487.html
lists	www.lists.suse.com/pipermail/sle-security-updates/2022-July/011488.html

27 May 2026 05:03Current

8.5High risk

Vulners AI Score8.5

CVSS 3.17.4

EPSS0.0569

Apache HTTP Server read bounds ap_strcmp_match large input