vulnerability
Apache HTTPD: CVE-2022-28330: Out-of-bounds Read
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:P/I:N/A:N) | Jun 8, 2022 | Jun 9, 2022 | Mar 25, 2026 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published
Jun 8, 2022
Added
Jun 9, 2022
Modified
Mar 25, 2026
Description
Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to process requests with the mod_isapi module.
Solution
apache-httpd-upgrade-latest
References
- CVE-2022-28330
- https://attackerkb.com/topics/CVE-2022-28330
- https://security.netapp.com/advisory/ntap-20220624-0005/
- https://httpd.apache.org/security/vulnerabilities_24.html
- http://www.openwall.com/lists/oss-security/2022/06/08/3
- https://euvd.enisa.europa.eu/vulnerability/EUVD-2022-32782
- CWE-125
- EUVD-EUVD-2022-32782
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.