Apache – CVE-2022-29404

Home » Blog » Apache – CVE-2022-29404

Description

Kayran has detected that the version of Apache HTTP Server being used is vulnerable to denial of service (DoS). Also known as CVE-2022-29404.

By sending a malicious request to a lua script that calls r:parsebody(0), a denial of service is possible.
That happens due to no default limit on the possible input size.

Severity/Score

CVSS Version 3.x – 7.5 High

Recommendation

To fix CVE-2022-29404, upgrade the version of Apache Server being used to 2.4.54.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29404

https://cwe.mitre.org/data/definitions/770.html

< Return to all Vulnerabilities

The fundamentals of HTML

HTML is not a single word, in oppose to what many people think, HTML stands for HyperText Markup Language, and from the fact the language’s

Models – CIA and AAA

The field of information security is based on a number of basic principles that are important for us. Each principle is part of two main

Understanding Attackers

Looking in the Attacker’s eyes – There are many ways we can do it. So when we want to achieve the goal of Understanding Attackers,

Using VPN

What is a VPN? Why should someone be using VPN? Which Problems does is solve? and what is the advantages and disadvantages of it? Let’s

The least choking snake – Python

Nice title does it? No but seriously, tell it to my boss. but seriously-Seriously, in this article we are gonna talk about Python, and no,

A security vulnerability our API hates

As you know, we’ve talked about many different and critical subjects related to application programming and knowing that it is very important to protect them,

WEB APPLICATION VULNERABILITY SCANNER