Your submission was sent successfully! Close

CVE-2022-22721

Published: 14 March 2022

If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.

Priority

Low

CVSS 3 base score: 9.8

Status

Package Release Status
apache2
Launchpad, Ubuntu, Debian
bionic
Released (2.4.29-1ubuntu4.22)
focal
Released (2.4.41-4ubuntu3.10)
impish
Released (2.4.48-3.1ubuntu3.3)
jammy
Released (2.4.52-1ubuntu2)
trusty
Released (2.4.7-1ubuntu4.22+esm4)
upstream
Released (2.4.53)
xenial
Released (2.4.18-2ubuntu3.17+esm5)