USN-5333-1: Apache HTTP Server vulnerabilities

Read Time:49 Second

Chamal De Silva discovered that the Apache HTTP Server mod_lua module
incorrectly handled certain crafted request bodies. A remote attacker could
possibly use this issue to cause the server to crash, resulting in a denial
of service. (CVE-2022-22719)

James Kettle discovered that the Apache HTTP Server incorrectly closed
inbound connection when certain errors are encountered. A remote attacker
could possibly use this issue to perform an HTTP Request Smuggling attack.
(CVE-2022-22720)

It was discovered that the Apache HTTP Server incorrectly handled large
LimitXMLRequestBody settings on certain platforms. In certain
configurations, a remote attacker could use this issue to cause the server
to crash, resulting in a denial of service, or possibly execute arbitrary
code. (CVE-2022-22721)

Ronald Crane discovered that the Apache HTTP Server mod_sed module
incorrectly handled memory. A remote attacker could use this issue to cause
the server to crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2022-23943)

Compliance Now Biggest Cyber Challenge for UK Financial Services

Bot Traffic Overtakes Human Activity as Threat Actors Turn to AI

Organizations Found to Address Only 21% of GenAI-Related Vulnerabilities

LabHost Phishing Mastermind Sentenced to 8.5 Years

Closing the Gap: How to Build a Consistent Exposure and Vulnerability Management Workflow

Trump Revenge Tour Targets Cyber Leaders, Elections

Upcoming Speaking Engagements

Major WordPress Plugin Flaw Exploited in Under 4 Hours

Prodaft Offers “No Judgment” Deal to Buy Dark Web Accounts from Cybercrime Forum Users

USN-5333-1: Apache HTTP Server vulnerabilities

cacti-1.2.30-1.el8 cacti-spine-1.2.30-1.el8

cacti-1.2.30-1.el9 cacti-spine-1.2.30-1.el9

USN-7437-1: CImg library vulnerabilities

mujs-1.0.9-2.el8

USN-7436-1: WebKitGTK vulnerabilities

USN-7435-1: Protocol Buffers vulnerability