oss-sec mailing list archives
CVE-2022-22728: libapreq2: libapreq2 multipart form parse memory corruption
From: Joe Orton <jorton () apache org>
Date: Thu, 25 Aug 2022 14:09:16 +0000
Severity: important Description: A flaw in libapreq2 versions 2.16 and earlier could cause a buffer overflow while processing multipart form uploads. A remote attacker could send a request causing a process crash which could lead to a denial of service attack.
Current thread:
- CVE-2022-22728: libapreq2: libapreq2 multipart form parse memory corruption Joe Orton (Aug 25)
- Re: CVE-2022-22728: libapreq2: libapreq2 multipart form parse memory corruption Alex Gaynor (Aug 25)
- Re: CVE-2022-22728: libapreq2: libapreq2 multipart form parse memory corruption John Helmert III (Aug 26)