Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache http server 2.4.53 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2022-30522
If Apache HTTP Server 2.4.53 is configured to do transformations with mod_sed in contexts where the input to mod_sed may be very large, mod_sed may make excessively large memory allocations and trigger an abort.
Apache Http Server 2.4.53
Netapp Clustered Data Ontap -
Fedoraproject Fedora 35
Fedoraproject Fedora 36
445
VMScore
CVE-2022-26377
Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an malicious user to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server ...
Apache Http Server
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Netapp Clustered Data Ontap -
1 Github repository
1 Article
446
VMScore
CVE-2022-30556
Apache HTTP Server 2.4.53 and previous versions may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the buffer.
Apache Http Server
Netapp Clustered Data Ontap -
Fedoraproject Fedora 35
Fedoraproject Fedora 36
446
VMScore
CVE-2022-29404
In Apache HTTP Server 2.4.53 and previous versions, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size.
Apache Http Server
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Netapp Clustered Data Ontap -
668
VMScore
CVE-2022-31813
Apache HTTP Server 2.4.53 and previous versions may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application.
Apache Http Server
Netapp Clustered Data Ontap -
Fedoraproject Fedora 35
Fedoraproject Fedora 36
446
VMScore
CVE-2022-28614
The ap_rwrite() function in Apache HTTP Server 2.4.53 and previous versions may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function. Modules compiled and distributed separa...
Apache Http Server
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Netapp Clustered Data Ontap -
571
VMScore
CVE-2022-28615
Apache HTTP Server 2.4.53 and previous versions may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or...
Apache Http Server
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Netapp Clustered Data Ontap -
668
VMScore
CVE-2022-23943
Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an malicious user to overwrite heap memory with possibly attacker provided data. This issue affects Apache HTTP Server 2.4 version 2.4.52 and prior versions.
Apache Http Server
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 9.0
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
447
VMScore
CVE-2022-22719
A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and previous versions.
Apache Http Server
Debian Debian Linux 9.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Apple Macos
Apple Mac Os X 10.15.7
670
VMScore
CVE-2022-22720
Apache HTTP Server 2.4.52 and previous versions fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling
Apache Http Server
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 9.0
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Zfs Storage Appliance Kit 8.8
Apple Macos
Apple Mac Os X 10.15.7
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2024-5274
CVE-2020-17519
CVE-2024-35340
CVE-2021-47558
local
XML injection
CVE-2021-47519
CVE-2021-47543
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »