Page 92 of 1100 results (0.024 seconds)

CVSS: 7.5EPSS: 1%CPEs: 32EXPL: 4

CVE-2022-0778 – Infinite loop in BN_mod_sqrt() reachable when parsing certificates

https://notcve.org/view.php?id=CVE-2022-0778

The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. • https://github.com/drago-96/CVE-2022-0778 https://github.com/jkakavas/CVE-2022-0778-POC https://github.com/0xUhaw/CVE-2022-0778 https://github.com/jeongjunsoo/CVE-2022-0778 http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html http://seclists.org/fulldisclosure/2022/May/33 http://seclists.org/fulldisclosure/2022/May/35 http://seclists.org/fulldisclosure/2022/May/38 https://cert-portal.siemens.com/productcert/pdf/ssa-712 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 9.8EPSS: 12%CPEs: 8EXPL: 0

CVE-2022-23943 – mod_sed: Read/write beyond bounds

https://notcve.org/view.php?id=CVE-2022-23943

Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. This issue affects Apache HTTP Server 2.4 version 2.4.52 and prior versions. Una vulnerabilidad de escritura fuera de límites en mod_sed de Apache HTTP Server permite a un atacante sobrescribir la memoria de la pila con datos posiblemente proporcionados por el atacante. Este problema afecta a Apache HTTP Server 2.4 versiones 2.4.52 y anteriores An out-of-bounds read/write vulnerability was found in the mod_sed module of httpd. This flaw allows an attacker to overwrite the memory of an httpd instance that is using mod_sed with data provided by the attacker. • http://www.openwall.com/lists/oss-security/2022/03/14/1 https://httpd.apache.org/security/vulnerabilities_24.html https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •

CVSS: 9.1EPSS: 0%CPEs: 24EXPL: 0

CVE-2022-22721 – core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody

https://notcve.org/view.php?id=CVE-2022-22721

If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier. Si LimitXMLRequestBody está configurado para permitir cuerpos de petición de más de 350 MB (por defecto 1M) en sistemas de 32 bits, es producido un desbordamiento de enteros que causa posteriormente escrituras fuera de límites. Este problema afecta a Apache HTTP Server 2.4.52 y anteriores A flaw was found in httpd, where it incorrectly limits the value of the LimitXMLRequestBody option. This issue can lead to an integer overflow and later causes an out-of-bounds write. • http://seclists.org/fulldisclosure/2022/May/33 http://seclists.org/fulldisclosure/2022/May/35 http://seclists.org/fulldisclosure/2022/May/38 http://www.openwall.com/lists/oss-security/2022/03/14/2 https://httpd.apache.org/security/vulnerabilities_24.html https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO https://lists.fedoraproject.org/archives/list/package • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •

CVSS: 9.8EPSS: 1%CPEs: 24EXPL: 1

CVE-2022-22720 – HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier

https://notcve.org/view.php?id=CVE-2022-22720

Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling Apache HTTP Server versiones 2.4.52 y anteriores, no cierran la conexión entrante cuando son encontrados errores descartando el cuerpo de la petición, exponiendo al servidor al contrabando de peticiones HTTP A flaw was found in httpd. The inbound connection is not closed when it fails to discard the request body, which may expose the server to HTTP request smuggling. • https://github.com/Benasin/CVE-2022-22720 http://seclists.org/fulldisclosure/2022/May/33 http://seclists.org/fulldisclosure/2022/May/35 http://seclists.org/fulldisclosure/2022/May/38 http://www.openwall.com/lists/oss-security/2022/03/14/3 https://httpd.apache.org/security/vulnerabilities_24.html https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO https:& • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •

CVSS: 7.5EPSS: 39%CPEs: 24EXPL: 0

CVE-2022-22719 – mod_lua Use of uninitialized value of in r:parsebody

https://notcve.org/view.php?id=CVE-2022-22719

A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier. Un cuerpo de petición cuidadosamente diseñado puede causar una lectura en una zona de memoria aleatoria que podría causar al proceso un bloqueo. Este problema afecta al servidor HTTP Apache versiones 2.4.52 y anteriores A flaw was found in the mod_lua module of httpd. A crafted request body can cause a read to a random memory area due to an uninitialized value in functions called by the parsebody function. • http://seclists.org/fulldisclosure/2022/May/33 http://seclists.org/fulldisclosure/2022/May/35 http://seclists.org/fulldisclosure/2022/May/38 http://www.openwall.com/lists/oss-security/2022/03/14/4 https://httpd.apache.org/security/vulnerabilities_24.html https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO https://lists.fedoraproject.org/archives/list/package • CWE-665: Improper Initialization CWE-908: Use of Uninitialized Resource •