Lucene search

PRIOn knowledge basePRION:CVE-2022-22728

HistoryAug 25, 2022 - 3:15 p.m.

Buffer overflow

2022-08-2515:15:00

PRIOn knowledge base

www.prio-n.com

apache

libapreq2

buffer overflow

denial of service

7.5 High

AI Score

Confidence

High

0.029 Low

EPSS

Percentile

90.8%

JSON

A flaw in Apache libapreq2 versions 2.16 and earlier could cause a buffer overflow while processing multipart form uploads. A remote attacker could send a request causing a process crash which could lead to a denial of service attack.

CPENameOperatorVersion
libapreq2le2.16
debian_linuxeq10.0
fedoraeq35
fedoraeq36
fedoraeq37

Name	Operator	Version
libapreq2	le	2.16
debian_linux	eq	10.0
fedora	eq	35
fedora	eq	36
fedora	eq	37

References

www.openwall.com/lists/oss-security/2022/08/25/3

www.openwall.com/lists/oss-security/2022/08/25/4

www.openwall.com/lists/oss-security/2022/08/26/4

www.openwall.com/lists/oss-security/2022/12/29/1

www.openwall.com/lists/oss-security/2022/12/30/4

www.openwall.com/lists/oss-security/2022/12/31/1

www.openwall.com/lists/oss-security/2022/12/31/5

www.openwall.com/lists/oss-security/2023/01/02/1

www.openwall.com/lists/oss-security/2023/01/02/2

www.openwall.com/lists/oss-security/2023/01/03/2

lists.apache.org/thread/2fsjoor96d47vtkpf76x4yo06nccvy1y

lists.debian.org/debian-lts-announce/2023/01/msg00009.html

lists.fedoraproject.org/archives/list/[email protected]/message/2PUUS3JL44UUSLJTSXE46HVKZIW7E7PE/

lists.fedoraproject.org/archives/list/[email protected]/message/3HZZKVHYYWACPWONPEFRNPIRE3HYLV4T/

lists.fedoraproject.org/archives/list/[email protected]/message/BE5MEHGIQUEIISBCVHM43IN2NBDXBFOJ/

security.gentoo.org/glsa/202305-20