Bugs fixes in "apache2"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2022-31813 | Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop m | 2022-06-21 |
| CVE | CVE-2022-30556 | Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the | 2022-06-21 |
| CVE | CVE-2022-30522 | If Apache HTTP Server 2.4.53 is configured to do transformations with mod_sed in contexts where the input to mod_sed may be very large, mod_sed may m | 2022-06-21 |
| CVE | CVE-2022-29404 | In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no defau | 2022-06-21 |
| CVE | CVE-2022-28615 | Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extrem | 2022-06-21 |
| CVE | CVE-2022-28614 | The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very larg | 2022-06-21 |
| CVE | CVE-2022-26377 | Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to sm | 2022-06-21 |
| CVE | CVE-2022-31813 | Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop m | 2022-06-21 |
| CVE | CVE-2022-30556 | Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the | 2022-06-21 |
| CVE | CVE-2022-30522 | If Apache HTTP Server 2.4.53 is configured to do transformations with mod_sed in contexts where the input to mod_sed may be very large, mod_sed may m | 2022-06-21 |
| CVE | CVE-2022-29404 | In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no defau | 2022-06-21 |
| CVE | CVE-2022-28615 | Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extrem | 2022-06-21 |
| CVE | CVE-2022-28614 | The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very larg | 2022-06-21 |
| CVE | CVE-2022-26377 | Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to sm | 2022-06-21 |
| CVE | CVE-2022-31813 | Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop m | 2022-06-21 |
| CVE | CVE-2022-30556 | Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the | 2022-06-21 |
| CVE | CVE-2022-30522 | If Apache HTTP Server 2.4.53 is configured to do transformations with mod_sed in contexts where the input to mod_sed may be very large, mod_sed may m | 2022-06-21 |
| CVE | CVE-2022-29404 | In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no defau | 2022-06-21 |
| CVE | CVE-2022-28615 | Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extrem | 2022-06-21 |
| CVE | CVE-2022-28614 | The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very larg | 2022-06-21 |
About
-
Send Feedback to @ubuntu_updates
