A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
Configuration 7 (hide)
|
History
07 Nov 2023, 03:39
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2021-12-20 12:15
Updated : 2024-02-28 18:48
NVD link : CVE-2021-44790
Mitre link : CVE-2021-44790
CVE.ORG link : CVE-2021-44790
JSON object : View
Products Affected
oracle
- http_server
- communications_session_report_manager
- zfs_storage_appliance_kit
- instantis_enterprisetrack
- communications_operations_monitor
- communications_session_route_manager
- communications_element_manager
apache
- http_server
apple
- macos
- mac_os_x
tenable
- tenable.sc
debian
- debian_linux
netapp
- cloud_backup
fedoraproject
- fedora
CWE
CWE-787
Out-of-bounds Write