Description
httpd: mod_sed: Read/write beyond bounds.
httpd: Request splitting via HTTP/2 method injection and mod_proxy.
httpd: NULL pointer dereference via malformed requests.
httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path.
httpd: Out-of-bounds write in ap_escape_quotes() via malicious input.
httpd: possible NULL dereference or SSRF in forward proxy configurations.
httpd: mod_lua: Use of uninitialized value in r:parsebody.
httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody.
httpd: mod_proxy_ajp: Possible request smuggling.
httpd: mod_lua: DoS in r:parsebody.
httpd: mod_sed: DoS vulnerability.
httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism.
httpd: out-of-bounds read via ap_rwrite().
httpd: out-of-bounds read in ap_strcmp_match().
httpd: mod_lua: Information disclosure with websockets.
proxy rewrite to unix socket fails with CVE-2021-40438 fix (BZ#2022319).
To fix CVE-2022-29404, the default value for the 'LimitRequestBody' directive in the Apache HTTP Server has been changed from 0 (unlimited) to 1 GiB.