CVE-2022-30556

Summary

Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the buffer.

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationApache HTTP Serverunspecified <= 2.4.53affected

Weaknesses

  • CWE-200: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

ADP Enrichment

CVE Program Container

Additional References

References