CLSA-2022-1646060698

CVE-2021-28651: Fix memory leak that perform DoS via buffer-management bug
CVE-2021-28652: Fix cache manager URL parsing that perform DoS via incorrect parser validation
CVE-2021-28662: Add limit HeaderLookupTable_t::lookup() to BadHdr and specific IDs that perform DoS via certain response header
CVE-2021-31806: Add handling more partial responses that perform DoS via HTTP Range request
CVE-2021-31807: Add handling more partial responses that perform DoS via HTTP Range request
CVE-2021-31808: Add handling more partial responses that perform DoS via HTTP Range request
CVE-2021-33620: Add handling more partial responses that perform DoS via HTTP response

References

Affected packages

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.0.1-2.module_el8.4.0+2010+24c223d9

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1646060698.json"

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.0.1-2.module_el8.4.0+2010+24c223d9

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1646060698.json"

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7:4.11-4.module_el8.4.0+2010+24c223d9.2.tuxcare.els1

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1646060698.json"