VDB
CESS-2022-22721
CESS-2022-22721
PUBLISHED
CVSS 9.1 CRITICAL
If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.
Risk Scores
CVSS 3.1
9.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Timeline
- Mar 14, 2022 CVE Published