Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the buffer.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Http_server | Apache | * | 2.4.53 (including) |
Red Hat Enterprise Linux 8 | RedHat | httpd:2.4-8070020220725152258.3b9f49c4 | * |
Red Hat Enterprise Linux 9 | RedHat | httpd-0:2.4.53-7.el9 | * |
Red Hat Software Collections for Red Hat Enterprise Linux 7 | RedHat | httpd24-httpd-0:2.4.34-23.el7.5 | * |
Apache2 | Ubuntu | bionic | * |
Apache2 | Ubuntu | devel | * |
Apache2 | Ubuntu | esm-infra/xenial | * |
Apache2 | Ubuntu | focal | * |
Apache2 | Ubuntu | impish | * |
Apache2 | Ubuntu | jammy | * |
Apache2 | Ubuntu | kinetic | * |
Apache2 | Ubuntu | trusty/esm | * |
Apache2 | Ubuntu | upstream | * |