VDB

ALPINE-CVE-2022-23943

ALPINE-CVE-2022-23943 PUBLISHED CVSS 9.800000190734863 CRITICAL

Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. This issue affects Apache HTTP Server 2.4 version 2.4.52 and prior versions.

Risk Scores

CVSS 3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
Alpine:v3.13apache20, 0, 2.4.9-r1
Alpine:v3.18apache22.4.28-r0, 2.4.27-r2, 2.4.27-r1
Alpine:v3.19apache22.2.16-r3, 2.4.38-r2, 2.4.17-r4
Alpine:v3.16apache22.4.23-r7, 0, 2.4.9-r1
Alpine:v3.21apache22.4.9-r1, 0, 2.2.16-r0
Alpine:v3.15apache22.2.17-r1, 2.4.9-r0, 2.4.7-r0
Alpine:v3.12apache20, 2.4.3-r2, 2.4.3-r0
Alpine:v3.20apache22.4.37-r0, 0, 2.4.9-r1
Alpine:v3.23apache22.4.23-r4, 2.4.41-r0, 2.4.23-r4
Alpine:v3.14apache22.4.18-r2, 2.4.20-r0, 2.4.20-r1
Alpine:v3.22apache22.4.17-r1, 2.2.16-r2, 0
Alpine:v3.17apache22.2.16-r0, 0, 2.4.33-r0
Alpine:v3.24apache20

Timeline

  • Mar 14, 2022 CVE Published
  • Apr 30, 2026 Distribution Patch
  • Jun 15, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›