VDB

DEBIAN-CVE-2022-22721

DEBIAN-CVE-2022-22721 PUBLISHED CVSS 9.100000381469727 CRITICAL

If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.

Risk Scores

CVSS 3.1
9.100000381469727
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Affected Products

VendorProductVersions
Debian:14apache20, 0, 0
Debian:12apache20, 0, 0
Debian:13apache20, 0, 0
Debian:11apache22.4.49-1, 2.4.49-2, 2.4.49-3

Exploit Intelligence

Timeline

  • Mar 14, 2022 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›