VDB

DEBIAN-CVE-2021-44790

DEBIAN-CVE-2021-44790 PUBLISHED CVSS 9.800000190734863 CRITICAL

A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier.

Risk Scores

CVSS 3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
Debian:11apache22.4.49-1~deb11u2, 2.4.51-1~bpo10+2, 2.4.51-2
Debian:12apache20, 0, 0
Debian:13apache20, 0, 0
Debian:14apache20, 0, 0
Debianapache2

Exploit Intelligence

Timeline

  • Dec 20, 2021 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›