CVE-2022-22721
CRITICAL | Platform: macOS | Changelog
CVE Details
Description
If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.
CVSS 3.1 Score
| Metric | Value |
|---|---|
| Base Score | 9.1 (CRITICAL) |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H |
Weakness
References
- Apple Security Advisory
- NVD Entry
- http://seclists.org/fulldisclosure/2022/May/33 (Third Party Advisory)
- http://seclists.org/fulldisclosure/2022/May/35 (Third Party Advisory)
- http://seclists.org/fulldisclosure/2022/May/38 (Third Party Advisory)
- http://www.openwall.com/lists/oss-security/2022/03/14/2 (Mailing List, Third Party Advisory)
- https://httpd.apache.org/security/vulnerabilities_24.html (Vendor Advisory)
- https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html (Mailing List, Third Party Advisory)
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/