Описание
If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 2.4.29-1ubuntu4.22 |
| devel | released | 2.4.52-1ubuntu2 |
| esm-infra-legacy/trusty | not-affected | 2.4.7-1ubuntu4.22+esm4 |
| esm-infra/bionic | not-affected | 2.4.29-1ubuntu4.22 |
| esm-infra/focal | not-affected | 2.4.41-4ubuntu3.10 |
| esm-infra/xenial | released | 2.4.18-2ubuntu3.17+esm5 |
| focal | released | 2.4.41-4ubuntu3.10 |
| impish | released | 2.4.48-3.1ubuntu3.3 |
| jammy | released | 2.4.52-1ubuntu2 |
| trusty | ignored | end of standard support |
Показывать по
EPSS
5.8 Medium
CVSS2
9.1 Critical
CVSS3
Связанные уязвимости
If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.
If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.
If LimitXMLRequestBody is set to allow request bodies larger than 350M ...
If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.
EPSS
5.8 Medium
CVSS2
9.1 Critical
CVSS3