CVE-2022-22719

Description

A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier.

Risk Information

Base Score: 7.5 (MODERATE)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score (Exploitation Probability): 29.312

Associated Vulnerability

Vulnerability | OS Platform
Vulnerabilities CVE-2022-22719,CVE-2022-22720,CVE-2022-22721,CVE-2022-23943 are fixed in Apache Apache 2.4.53 | Windows
Multiple vulnerabilities are fixed in IBM HTTP 8.5.5.2 | Windows
Multiple vulnerabilities are fixed in IBM HTTP 9.0.5.12 | Windows
Multiple Vulnerabilities are affected in IBM Tivoli Monitoring 6.3.0 | Windows
Multiple vulnerabilities are fixed in Mac OS - Monterey 12.4 (Software Update) - AutoReboot | Mac
Multiple vulnerabilities are fixed in MacOS Big Sur 11.6.6 - Software Update | Mac
SUSE-SU-2022:0928-1 (SUSE Linux Enterprise Server 12-SP5) apache2-2.4.51-35.13.1.x86_64.rpm | Linux
SUSE-SU-2022:0928-1 (SUSE Linux Enterprise Server 12-SP5) apache2-debuginfo-2.4.51-35.13.1.x86_64.rpm | Linux
SUSE-SU-2022:0928-1 (SUSE Linux Enterprise Server 12-SP5) apache2-debugsource-2.4.51-35.13.1.x86_64.rpm | Linux
SUSE-SU-2022:0928-1 (SUSE Linux Enterprise Server 12-SP5) apache2-doc-2.4.51-35.13.1.noarch.rpm | Linux
SUSE-SU-2022:0928-1 (SUSE Linux Enterprise Server 12-SP5) apache2-example-pages-2.4.51-35.13.1.x86_64.rpm | Linux
SUSE-SU-2022:0928-1 (SUSE Linux Enterprise Server 12-SP5) apache2-prefork-2.4.51-35.13.1.x86_64.rpm | Linux
SUSE-SU-2022:0928-1 (SUSE Linux Enterprise Server 12-SP5) apache2-prefork-debuginfo-2.4.51-35.13.1.x86_64.rpm | Linux
SUSE-SU-2022:0928-1 (SUSE Linux Enterprise Server 12-SP5) apache2-utils-2.4.51-35.13.1.x86_64.rpm | Linux
SUSE-SU-2022:0928-1 (SUSE Linux Enterprise Server 12-SP5) apache2-utils-debuginfo-2.4.51-35.13.1.x86_64.rpm | Linux
SUSE-SU-2022:0928-1 (SUSE Linux Enterprise Server 12-SP5) apache2-worker-2.4.51-35.13.1.x86_64.rpm | Linux
SUSE-SU-2022:0928-1 (SUSE Linux Enterprise Server 12-SP5) apache2-worker-debuginfo-2.4.51-35.13.1.x86_64.rpm | Linux
(RHSA-2022:8067) httpd security, bug fix, and enhancement update httpd-2.4.53-7.el9.x86_64.rpm | Linux
(RHSA-2022:8067) httpd security, bug fix, and enhancement update httpd-core-2.4.53-7.el9.x86_64.rpm | Linux
(RHSA-2022:8067) httpd security, bug fix, and enhancement update httpd-debugsource-2.4.53-7.el9.x86_64.rpm | Linux
(RHSA-2022:8067) httpd security, bug fix, and enhancement update httpd-devel-2.4.53-7.el9.x86_64.rpm | Linux
(RHSA-2022:8067) httpd security, bug fix, and enhancement update httpd-filesystem-2.4.53-7.el9.noarch.rpm | Linux
(RHSA-2022:8067) httpd security, bug fix, and enhancement update httpd-manual-2.4.53-7.el9.noarch.rpm | Linux
(RHSA-2022:8067) httpd security, bug fix, and enhancement update httpd-tools-2.4.53-7.el9.x86_64.rpm | Linux
(RHSA-2022:8067) httpd security, bug fix, and enhancement update mod_ldap-2.4.53-7.el9.x86_64.rpm | Linux
(RHSA-2022:8067) httpd security, bug fix, and enhancement update mod_lua-2.4.53-7.el9.x86_64.rpm | Linux
(RHSA-2022:8067) httpd security, bug fix, and enhancement update mod_proxy_html-2.4.53-7.el9.x86_64.rpm | Linux
(RHSA-2022:8067) httpd security, bug fix, and enhancement update mod_session-2.4.53-7.el9.x86_64.rpm | Linux
(RHSA-2022:8067) httpd security, bug fix, and enhancement update mod_ssl-2.4.53-7.el9.x86_64.rpm | Linux
Vulnerabilities CVE-2022-22719,CVE-2022-22720,CVE-2022-22721,CVE-2022-23943 are fixed in Apache Apache 2.4.53 (For Linux) | Linux

Patch Details

Patches provided by ManageEngine for this CVE:

Patch ID | Patch Description
PATCH-608134 | Mac OS - Monterey 12.7.6 (Software Update) - AutoReboot (CVE-2024-27877)
PATCH-605753 | MacOS Big Sur 11.7.10 - Software Update (Force Reboot) (CVE-2023-41064)
