Lucene search
Alpine Linux Development TeamALPINE:CVE-2022-30556HistoryJun 09, 2022 - 5:15 p.m.
CVE-2022-30556
2022-06-0917:15:09
Alpine Linux Development Team
security.alpinelinux.org
25
apache http server
vulnerability
r:wsread()
length issue
unix
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
8.9
Confidence
High
EPSS
0.003
Percentile
70.6%
Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the buffer.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | edge-main | noarch | apache2 | < 2.4.54-r0 | UNKNOWN |
| Alpine | 3.13-main | noarch | apache2 | < 2.4.54-r0 | UNKNOWN |
| Alpine | 3.14-main | noarch | apache2 | < 2.4.54-r0 | UNKNOWN |
| Alpine | 3.15-main | noarch | apache2 | < 2.4.54-r0 | UNKNOWN |
| Alpine | 3.16-main | noarch | apache2 | < 2.4.54-r0 | UNKNOWN |
| Alpine | 3.17-main | noarch | apache2 | < 2.4.54-r0 | UNKNOWN |
| Alpine | 3.18-main | noarch | apache2 | < 2.4.54-r0 | UNKNOWN |
| Alpine | 3.19-main | noarch | apache2 | < 2.4.54-r0 | UNKNOWN |
| Alpine | 3.20-main | noarch | apache2 | < 2.4.54-r0 | UNKNOWN |
Related
osv
osv
BIT-apache-2022-30556
2024-03-06 10:52:05
CVE-2022-30556
2022-06-09 17:15:09
apache2 regression
2022-06-23 20:19:44
cvelist
cvelist
CVE-2022-30556 Information Disclosure in mod_lua with websockets
2022-06-08 10:00:55
veracode
veracode
Buffer Overflow
2022-06-14 16:42:41
httpd
httpd
Apache Httpd < 2.4.54 : Information Disclosure in mod_lua with websockets
2022-06-08 00:00:00
debiancve
debiancve
CVE-2022-30556
2022-06-09 17:15:09
prion
prion
Buffer overflow
2022-06-09 17:15:00
cnvd
cnvd
Apache HTTP Server Information Disclosure Vulnerability (CNVD-2022-73122)
2022-06-10 00:00:00
cve
cve
CVE-2022-30556
2022-06-09 17:15:09
f5
f5
K69309752 : Apache HTTPD vulnerability CVE-2022-30556
2022-07-04 00:00:00
ubuntucve
ubuntucve
CVE-2022-30556
2022-06-09 00:00:00
hackerone
hackerone
nvd
nvd
CVE-2022-30556
2022-06-09 17:15:09
redhatcve
redhatcve
CVE-2022-30556
2022-06-08 20:02:05
ibm
ibm
nessus
nessus
Apache 2.4.x < 2.4.54 Multiple Vulnerabilities (mod_lua)
2024-04-17 00:00:00
SUSE SLES12 Security Update : apache2 (SUSE-SU-2022:2101-1)
2022-06-17 00:00:00
Ubuntu 16.04 ESM / 18.04 LTS : Apache HTTP Server regression (USN-5487-3)
2022-06-23 00:00:00
mageia
mageia
Updated apache packages fix security vulnerability
2022-06-13 23:44:20
openvas
openvas
Mageia: Security Advisory (MGASA-2022-0228)
2022-06-14 00:00:00
Apache HTTP Server < 2.4.54 Multiple Vulnerabilities - Linux
2022-06-10 00:00:00
Fedora: Security Advisory for httpd (FEDORA-2022-b54a8dee29)
2022-07-07 00:00:00
ubuntu
ubuntu
Apache HTTP Server vulnerabilities
2022-06-21 00:00:00
Apache HTTP Server regression
2022-06-23 00:00:00
Apache HTTP Server regression
2022-06-23 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: httpd-2.4.54-3.fc36
2022-07-01 01:09:46
[SECURITY] Fedora 35 Update: httpd-2.4.54-1.fc35
2022-07-06 01:54:10
suse
suse
Security update for apache2 (important)
2022-07-06 00:00:00
Security update for apache2 (important)
2022-07-08 00:00:00
freebsd
freebsd
Apache httpd -- Multiple vulnerabilities
2022-06-08 00:00:00
amazon
amazon
Medium: httpd24
2022-06-30 23:38:00
Medium: httpd
2022-07-06 03:12:00
redos
redos
ROS-20220628-01
2022-06-28 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package apache2 version 1:2.4.54-alt1
2022-06-19 00:00:00
Security fix for the ALT Linux 10 package apache2 version 1:2.4.54-alt1
2022-06-21 00:00:00
slackware
slackware
[slackware-security] httpd
2022-06-08 19:24:07
kaspersky
kaspersky
KLA12554 Multiple vulnerabilities in Apache HTTP Server
2022-06-08 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2022-0202
2022-06-22 00:00:00
Critical Photon OS Security Update - PHSA-2022-0489
2022-06-22 00:00:00
Critical Photon OS Security Update - PHSA-2022-0409
2022-06-23 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2161
2023-05-03 11:17:19
rocky
rocky
httpd security, bug fix, and enhancement update
2022-11-15 06:14:59
httpd:2.4 security update
2022-11-08 06:25:28
redhat
redhat
(RHSA-2022:7647) Moderate: httpd:2.4 security update
2022-11-08 06:25:28
(RHSA-2022:8067) Moderate: httpd security, bug fix, and enhancement update
2022-11-15 06:14:59
(RHSA-2022:6753) Moderate: httpd24-httpd security and bug fix update
2022-09-29 13:20:41
oraclelinux
oraclelinux
httpd security, bug fix, and enhancement update
2022-11-22 00:00:00
httpd:2.4 security update
2022-11-15 00:00:00
almalinux
almalinux
Moderate: httpd:2.4 security update
2022-11-08 00:00:00
Moderate: httpd security, bug fix, and enhancement update
2022-11-15 00:00:00
gentoo
gentoo
Apache HTTPD: Multiple Vulnerabilities
2022-08-14 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2023
2023-01-17 00:00:00
Oracle Critical Patch Update Advisory - October 2022
2022-10-18 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
8.9
Confidence
High
EPSS
0.003
Percentile
70.6%
Related for ALPINE:CVE-2022-30556