ALT Linux Team

Package apache2-mod_apreq update in sisyphus on 2021-03-18

ALT-PU-2021-1514-1

Package apache2-mod_apreq updated to version 2.15-alt1 for branch sisyphus in task 268001.

Closed vulnerabilities

Published: 2019-12-23

BDU:2020-01287

Уязвимость функции create_multipart_context() библиотеки libapreq2, позволяющая нарушителю вызвать отказ в обслуживании

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2020-11-19
Modified: 2024-11-21

CVE-2019-12412

A flaw in the libapreq2 v2.07 to v2.13 multipart parser can deference a null pointer leading to a process crash. A remote attacker could send a request causing a process crash which could lead to a denial of service attack.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top