CVE-2022-30556 HTTP/2 may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the buffer.
This may result in an unsuccessful request or cause an error to be returned to an application.
Apache HTTP Server does not allocate storage for
CVE-2022-28615 performanceani redu larger takeursday comment Z break
The issue may be mitigated by limiting the size of the lua script or module being loaded. Apache HTTP server does not limit the length
CVE-2022-31813 HTTP Server may not send X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism.
Apache HTTP Server software versions earlier than 2.4.53 are therefore potentially vulnerable to XSS attack. To protect against this issue update on your
CVE-2022-26134 - Simple Exploit and Deep Dive on the Confluence OGNL Injection Vulnerability
CVE-2022-26134 is a critical security vulnerability found in Atlassian’s Confluence Server and Data Center. It allows an attacker, with no need to log in
CVE-2022-30503 Nginx 0.7.2 has a segmentation violation in the function njs_set_number at src/njs_value.h
When this vulnerability is exploited by an attacker, the attacker may be able to cause the server to crash, leak memory, or execute arbitrary code.
Episode
00:00:00
00:00:00