Apache – CVE-2022-29404

Home » Blog » Apache – CVE-2022-29404

Description

Kayran has detected that the version of Apache HTTP Server being used is vulnerable to denial of service (DoS). Also known as CVE-2022-29404.

By sending a malicious request to a lua script that calls r:parsebody(0), a denial of service is possible.
That happens due to no default limit on the possible input size.

Severity/Score

CVSS Version 3.x – 7.5 High

Recommendation

To fix CVE-2022-29404, upgrade the version of Apache Server being used to 2.4.54.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29404

https://cwe.mitre.org/data/definitions/770.html

< Return to all Vulnerabilities

PT- Pentest – Penetration Testing

There’s no way you’ve had a working internet connection in the last year and you haven’t seen or heard the terms PT, Pentest or Penetration

Man-In-The-Middle Attacks

Do you know these people who just push themselves into conversations?That’s Man-In-The-Middle Attacks. And from a wider angle, Man-In-The-Middle Attacks, or MITM, are built around

Terms and Topics in Cybersecurity that you should know

The Cybersecurity field is one of the fields that has been growing rapidly and steadily in recent years, as the demand for it grew more

Browser Exploitation

We know that it’s possible to exploit weaknesses (or vulnerabilities) that exist in anything, from a certain code to the entire application, let’s talk about

Information Disclosure – Self revealing our Secrets

Remember those tired Devs? Well, sometimes they tend to make mistakes, as mentioned before, but imagine, writing everything important to you on a wall visible

The fundamentals of HTML

HTML is not a single word, in oppose to what many people think, HTML stands for HyperText Markup Language, and from the fact the language’s

WEB APPLICATION VULNERABILITY SCANNER