admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-12 02:05:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

Clarify additional important point for Apache HTTPD

Browse Source
This commit is contained in:
Mark J. Cox 2022-06-15 08:06:19 +01:00
parent c3c598e6b8
commit 7fd84659ef
No known key found for this signature in database
GPG Key ID: 2039C75CCA6545AB
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
2022/28xxx/CVE-2022-28614.json
View File

@ -42,7 +42,7 @@
"description_data": [
{
"lang": "eng",
"value": "The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function."
"value": "The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function. Modules compiled and distributed separately from Apache HTTP Server that use the 'ap_rputs' function and may pass it a very large (INT_MAX or larger) string must be compiled against current headers to resolve the issue."
}
]
},
@ -98,4 +98,4 @@
"value": "released in 2.4.54"
}
]
}
}