Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Apache read beyond bounds via ap_rwrite() Vulnerability - CVE-2022-28614 - Vulnerability Database
Apache HTTP Server

Apache read beyond bounds via ap_rwrite() Vulnerability - CVE-2022-28614

Medium
Reference: CVE-2022-28614
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2022-28614
Title: Apache read beyond bounds via ap_rwrite() Vulnerability
Overview:

The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs() such as with mod_luas r:puts() function.