CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-37436 – Apache HTTP Server: mod_proxy prior to 2.4.55 allows a backend to trigger HTTP response splitting
https://notcve.org/view.php?id=CVE-2022-37436
17 Jan 2023 — Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the client. A flaw was found in the mod_proxy module of httpd. A malicious backend can cause the response headers to be truncated because they are not cleaned when an error is found while reading them, resulting in some headers being incorporated into t... • https://httpd.apache.org/security/vulnerabilities_24.html • CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') CWE-436: Interpretation Conflict •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-36760 – Apache HTTP Server: mod_proxy_ajp Possible request smuggling
https://notcve.org/view.php?id=CVE-2022-36760
17 Jan 2023 — Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.54 and prior versions. A flaw was found in the mod_proxy_ajp module of httpd. The connection is not closed when there is an invalid Transfer-Encoding header, allowing an attacker to smuggle requests to the AJP server, where it forwa... • https://httpd.apache.org/security/vulnerabilities_24.html • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2006-20001 – Apache HTTP Server: mod_dav out of bounds read, or write of zero byte
https://notcve.org/view.php?id=CVE-2006-20001
17 Jan 2023 — A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash. This issue affects Apache HTTP Server 2.4.54 and earlier. A flaw was found in the mod_dav module of httpd. A specially crafted "If:" request header can cause a memory read or write of a single zero byte due to a missing error check, resulting in a Denial of Service. • https://github.com/Saksham2002/CVE-2006-20001 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-31813 – mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism
https://notcve.org/view.php?id=CVE-2022-31813
08 Jun 2022 — Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application. Apache HTTP Server versiones 2.4.53 y anteriores, no envían los encabezados X-Forwarded-* al servidor de origen basándose en el mecanismo hop-by-hop del encabezado de conexión del lado del cliente. Esto puede usarse para evitar la autenticación basada en la IP en el s... • http://www.openwall.com/lists/oss-security/2022/06/08/8 • CWE-345: Insufficient Verification of Data Authenticity CWE-348: Use of Less Trusted Source •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-30556 – Information Disclosure in mod_lua with websockets
https://notcve.org/view.php?id=CVE-2022-30556
08 Jun 2022 — Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the buffer. Apache HTTP Server versiones 2.4.53 y anteriores, pueden devolver longitudes a las aplicaciones que llaman a r:wsread() que apuntan más allá del final del almacenamiento asignado para el buffer A flaw was found in the mod_lua module of httpd. The data returned by the wsread function may point past the end of the storage allocated for the buffer, resulti... • http://www.openwall.com/lists/oss-security/2022/06/08/7 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 15%CPEs: 4EXPL: 0CVE-2022-30522 – mod_sed denial of service
https://notcve.org/view.php?id=CVE-2022-30522
08 Jun 2022 — If Apache HTTP Server 2.4.53 is configured to do transformations with mod_sed in contexts where the input to mod_sed may be very large, mod_sed may make excessively large memory allocations and trigger an abort. Si Apache HTTP Server versión 2.4.53, está configurado para hacer transformaciones con mod_sed en contextos en los que la entrada a mod_sed puede ser muy grande, mod_sed puede hacer asignaciones de memoria excesivamente grandes y provocar un aborto A flaw was found in the mod_sed module of httpd. A ... • http://www.openwall.com/lists/oss-security/2022/06/08/6 • CWE-770: Allocation of Resources Without Limits or Throttling CWE-789: Memory Allocation with Excessive Size Value •
CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 0CVE-2022-29404 – Denial of service in mod_lua r:parsebody
https://notcve.org/view.php?id=CVE-2022-29404
08 Jun 2022 — In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size. En Apache HTTP Server 2.4.53 y anteriores, una petición maliciosa a un script lua que llame a r:parsebody(0) puede causar una denegación de servicio debido a que no presenta un límite por defecto en el tamaño posible de la entrada A flaw was found in the mod_lua module of httpd. A malicious request to a Lua script that calls par... • http://www.openwall.com/lists/oss-security/2022/06/08/5 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 9.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-28615 – Read beyond bounds in ap_strcmp_match()
https://notcve.org/view.php?id=CVE-2022-28615
08 Jun 2022 — Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use ap_strcmp_match() may hypothetically be affected. Apache HTTP Server versiones 2.4.53 y anteriores, puede fallar o revelar información debido a una lectura más allá de los límites en la función ap_strcmp_match() cuando l... • http://www.openwall.com/lists/oss-security/2022/06/08/9 • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2022-28614 – read beyond bounds via ap_rwrite()
https://notcve.org/view.php?id=CVE-2022-28614
08 Jun 2022 — The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function. Modules compiled and distributed separately from Apache HTTP Server that use the 'ap_rputs' function and may pass it a very large (INT_MAX or larger) string must be compiled against current headers to resolve the issue. La función ap_rwrite() en el Servidor HTTP Apache 2.4.53 y an... • http://www.openwall.com/lists/oss-security/2022/06/08/4 • CWE-190: Integer Overflow or Wraparound CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2022-28330 – read beyond bounds in mod_isapi
https://notcve.org/view.php?id=CVE-2022-28330
08 Jun 2022 — Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to process requests with the mod_isapi module. Apache HTTP Server versiones 2.4.53 y anteriores en Windows, puede leer más allá de los límites cuando es configurado para procesar peticiones con el módulo mod_isapi An out-of-bounds read vulnerability was found in the mod_isapi module of httpd. The issue occurs when httpd is configured to process requests with the mod_isapi module. Red Hat JBoss Core Services is a set of s... • http://www.openwall.com/lists/oss-security/2022/06/08/3 • CWE-125: Out-of-bounds Read •