RHSA-2022:0143HighCVSS 9.8
Red Hat Security Advisory: httpd security update
🔗 CVE IDs covered (4)
📋 Description
CVE-2021-26691 — httpd: mod_session: Heap overflow via a crafted SessionHeader value CVE-2021-34798 — httpd: NULL pointer dereference via malformed requests CVE-2021-39275 — httpd: Out-of-bounds write in ap_escape_quotes() via malicious input CVE-2021-44790 — httpd: mod_lua: Possible buffer overflow when parsing multipart content
🔗 References (7)
- selfhttps://access.redhat.com/errata/RHSA-2022:0143
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1966732
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2005119
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2005128
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2034674
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0143.json