Apache – CVE-2022-29404

Description

Kayran has detected that the version of Apache HTTP Server being used is vulnerable to denial of service (DoS). Also known as CVE-2022-29404.

By sending a malicious request to a lua script that calls r:parsebody(0), a denial of service is possible.
That happens due to no default limit on the possible input size.

Recommendation

To fix CVE-2022-29404, upgrade the version of Apache Server being used to 2.4.54.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29404

< Return to all Vulnerabilities

Active Directory Hacking

What does Active Directory mean? The Active Directory infrastructure is a critical infrastructure in most organizations, and it forms the backbone of the organization’s computing

Read More »

What is Kayran

Kayran scanner is helping all businesses, both SMBs and enterprises, to test their online assets and products for over 9000 vulnerabilities.Kayran’s mission is to make

Read More »

Explaining API

We’ve talked about API’s Vulnerability in here, but i feel like there’s much more to talk about and explain since this is a big and

Read More »

HTTP VS. HTTPS

You must have once wondered what HTTP means and what is the difference between that ugly word to HTTPS, and if not, then please read

Read More »