Vulnerabilities (CVE)

Filtered by vendor Apache Subscribe
Filtered by product Libapreq2
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-22728 3 Apache, Debian, Fedoraproject 3 Libapreq2, Debian Linux, Fedora 2024-11-21 N/A 7.5 HIGH
A flaw in Apache libapreq2 versions 2.16 and earlier could cause a buffer overflow while processing multipart form uploads. A remote attacker could send a request causing a process crash which could lead to a denial of service attack.
CVE-2019-12412 1 Apache 1 Libapreq2 2024-11-21 5.0 MEDIUM 7.5 HIGH
A flaw in the libapreq2 v2.07 to v2.13 multipart parser can deference a null pointer leading to a process crash. A remote attacker could send a request causing a process crash which could lead to a denial of service attack.
CVE-2006-0042 2 Apache, Debian 2 Libapreq2, Debian Linux 2024-11-21 5.0 MEDIUM N/A
Unspecified vulnerability in (1) apreq_parse_headers and (2) apreq_parse_urlencoded functions in Apache2::Request (Libapreq2) before 2.07 allows remote attackers to cause a denial of service (CPU consumption) via unknown attack vectors that result in quadratic computational complexity.