BIT-apache-2021-44790

See a problem?
Import Source
https://github.com/bitnami/vulndb/tree/main/data/apache/BIT-apache-2021-44790.json
JSON Data
https://api.osv.dev/v1/vulns/BIT-apache-2021-44790
Aliases
Published
2024-03-06T10:54:08.593Z
Modified
2024-03-06T11:25:28.861Z
Summary
[none]
Details

A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier.

References

Affected packages

Bitnami / apache

Package

Name
apache
Purl
pkg:bitnami/apache

Severity

  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.4.51