Description

Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the buffer.

Remediation

References

CVE-2022-30556

Related Vulnerabilities

WordPress Plugin Elementor Website Builder Cross-Site Scripting (3.4.7)

Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1184)

Java Denial of Service (DoS) Vulnerability (CVE-2018-2952)

WordPress Plugin Eyes Only:User Access Shortcode Cross-Site Scripting (1.8.2)

WordPress Plugin WP Cerber Security, Anti-spam & Malware Scan Cross-Site Request Forgery (2.7.2)

Severity

High

Classification

CVE-2022-30556 CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities