Description

If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.

Remediation

References

CVE-2022-22721

Related Vulnerabilities

WordPress Plugin MediaElement.js-HTML5 Video & Audio Player Cross-Site Scripting (4.2.8)

WordPress Plugin WP Maintenance Mode Cross-Site Request Forgery (1.8.7)

WordPress Plugin wpDataTables-WordPress Tables & Table Charts Premium Multiple Vulnerabilities (3.4.1)

Joomla Improper Access Control Vulnerability (CVE-2016-9838)

Oracle JRE CVE-2012-0499 Vulnerability (CVE-2012-0499)

Severity

Critical

Classification

CVE-2022-22721 CWE-190 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Tags

Missing Update Known Vulnerabilities