Описание
Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to process requests with the mod_isapi module.
An out-of-bounds read vulnerability was found in the mod_isapi module of httpd. The issue occurs when httpd is configured to process requests with the mod_isapi module.
Отчет
Httpd, as shipped with Red Hat Enterprise Linux 6, 7, 8, 9, and RHSCL, is not affected by this flaw because it does not ship the mod_isapi module. The mod_isapi module is shipped by Windows systems only.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | httpd | Not affected | ||
| Red Hat Enterprise Linux 7 | httpd | Not affected | ||
| Red Hat Enterprise Linux 8 | httpd:2.4/httpd | Not affected | ||
| Red Hat Enterprise Linux 9 | httpd | Not affected | ||
| Red Hat JBoss Enterprise Application Platform 6 | httpd22 | Not affected | ||
| Red Hat JBoss Web Server 3 | httpd24 | Not affected | ||
| Red Hat Software Collections | httpd24-httpd | Not affected | ||
| Text-Only JBCS | jbcs-httpd24-httpd | Fixed | RHSA-2022:8841 | 08.12.2022 |
Показывать по
Дополнительная информация
Статус:
5.3 Medium
CVSS3
Связанные уязвимости
Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to process requests with the mod_isapi module.
Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to process requests with the mod_isapi module.
Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bound ...
Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to process requests with the mod_isapi module.
Уязвимость модуля mod_isapi веб-сервера Apache HTTP Server, позволяющая нарушителю вызвать отказ в обслуживании
5.3 Medium
CVSS3