Описание
ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 2.4.29-1ubuntu4.17 |
| devel | released | 2.4.48-3.1ubuntu2 |
| esm-infra-legacy/trusty | released | 2.4.7-1ubuntu4.22+esm2 |
| esm-infra/bionic | released | 2.4.29-1ubuntu4.17 |
| esm-infra/focal | released | 2.4.41-4ubuntu3.5 |
| esm-infra/xenial | released | 2.4.18-2ubuntu3.17+esm2 |
| focal | released | 2.4.41-4ubuntu3.5 |
| hirsute | released | 2.4.46-4ubuntu1.2 |
| impish | released | 2.4.48-3.1ubuntu2 |
| jammy | released | 2.4.48-3.1ubuntu2 |
Показывать по
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier.
ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier.
ap_escape_quotes() may write beyond the end of a buffer when given mal ...
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3