FreeBSD: VID-6601c08d-a46c-11ec-8be6-d4c9ef517024 (CVE-2022-22721): Apache httpd -- Multiple vulnerabilities

The Apache httpd project reports: mod_lua: Use of uninitialized value of in r:parsebody (moderate) (CVE-2022-22719)A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. HTTP request smuggling vulnerability (important) (CVE-2022-22720) httpd fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody (low) (CVE-2022-22721)If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. mod_sed: Read/write beyond bounds (important) (CVE-2022-23924) Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data.