oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE-2022-23943: Apache HTTP Server: mod_sed: Read/write beyond bounds

From: Stefan Eissing <icing () apache org>
Date: Mon, 14 Mar 2022 10:06:24 +0000
Severity: important

Description:

Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with 
possibly attacker provided data.

This issue affects Apache HTTP Server 2.4 version 2.4.52 and prior versions.

Credit:

Ronald Crane (Zippenhop LLC)
Previous By Date Next
Previous By Thread Next

Current thread: