Back to search
CVE-2022-22721
Published: Mar 14, 2022
Modified: Aug 3, 2024
PUBLISHED
Description
If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.
| Vendor | Product | Versions |
|---|---|---|
Apache Software Foundation | Apache HTTP Server | affected Apache HTTP Server 2.4 - <= 2.4.52 |
Weaknesses (CWE)
References
https://httpd.apache.org/security/vulnerabilities_24.html
x_refsource_MISC
FEDORA-2022-b4103753e9
vendor-advisory
x_refsource_FEDORA
[debian-lts-announce] 20220322 [SECURITY] [DLA 2960-1] apache2 security update
mailing-list
x_refsource_MLIST
FEDORA-2022-21264ec6db
vendor-advisory
x_refsource_FEDORA
FEDORA-2022-78e3211c55
vendor-advisory
x_refsource_FEDORA
https://www.oracle.com/security-alerts/cpuapr2022.html
x_refsource_MISC
https://security.netapp.com/advisory/ntap-20220321-0001/
x_refsource_CONFIRM
20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina
mailing-list
x_refsource_FULLDISC
20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6
mailing-list
x_refsource_FULLDISC
20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4
mailing-list
x_refsource_FULLDISC
https://www.oracle.com/security-alerts/cpujul2022.html
x_refsource_MISC
https://support.apple.com/kb/HT213257
x_refsource_CONFIRM
https://support.apple.com/kb/HT213256
x_refsource_CONFIRM
https://support.apple.com/kb/HT213255
x_refsource_CONFIRM
GLSA-202208-20
vendor-advisory
x_refsource_GENTOO
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now