Svi
Pretraži prema proizvođaču
Pretraži prema CWE oznaci
O usluzi
Pretplate
Jezik
hr
en
CVE-2022-22721 - CERT CVE
CVE-2022-22721
ID
CVE-2022-22721
Sažetak
If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.
Reference
https://httpd.apache.org/security/vulnerabilities_24.html
http://www.openwall.com/lists/oss-security/2022/03/14/2
https://security.netapp.com/advisory/ntap-20220321-0001/
https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html
https://www.oracle.com/security-alerts/cpuapr2022.html
https://support.apple.com/kb/HT213256
https://support.apple.com/kb/HT213257
https://support.apple.com/kb/HT213255
http://seclists.org/fulldisclosure/2022/May/38
http://seclists.org/fulldisclosure/2022/May/33
http://seclists.org/fulldisclosure/2022/May/35
https://www.oracle.com/security-alerts/cpujul2022.html
https://security.gentoo.org/glsa/202208-20
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/
CVSS
Base:
5.8
Impact:
4.9
Exploitability:
8.6
Pristup
Vektor
Složenost
Autentikacija
NETWORK
MEDIUM
NONE
Impact
Povjerljivost
Cjelovitost
Dostupnost
NONE
PARTIAL
PARTIAL
CVSS vektor
AV:N/AC:M/Au:N/C:N/I:P/A:P
Zadnje važnije ažuriranje
07-11-2023 - 03:43
Objavljeno
14-03-2022 - 11:15
