Apache – CVE-2022-22719

Description

Cytrix has detected that the version of Apache HTTP Server in use is affected by a use of an uninitialized value in ‘r:parsebody’ in ‘mod_lua’.
CVE-2022-22719 is categorized as an ‘Improper Initialization’ vulnerability (CWE-665).
Improper Initialization occurs when the software does not initialize, or incorrectly initializes, a resource. This can leave the resource in an unexpected state when it is accessed or used.

A crafted request body can cause a read of a random memory area, which could crash the entire process.
This could degrade performance and interrupt the availability of resources.

Recommendation

To fix CVE-2022-22719, upgrade the version of Apache HTTP Server being used to 2.4.53.
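
A triage check for this finding, as an added example that is not part of the original advisory or of Cytrix's scanner: it parses `httpd -v` and `httpd -M` output and looks for `r:parsebody` calls in Lua handler scripts. The function names, status strings and sample inputs are constructed for illustration.

```python
import re

FIXED = (2, 4, 53)  # fixed release named in the recommendation

def parse_version(httpd_v_output):
    """Return (major, minor, patch) from `httpd -v` output, or None."""
    m = re.search(r"Apache/(\d+)\.(\d+)\.(\d+)", httpd_v_output)
    return tuple(int(x) for x in m.groups()) if m else None

def lua_loaded(httpd_m_output):
    """True if lua_module (mod_lua) is listed in `httpd -M` output."""
    return re.search(r"^\s*lua_module\b", httpd_m_output, re.M) is not None

def calls_parsebody(lua_source):
    """True if a script calls :parsebody( outside a `--` line comment.
    Simplification: block comments and `--` inside strings are not handled."""
    return any(re.search(r":\s*parsebody\s*\(", line.split("--", 1)[0])
               for line in lua_source.splitlines())

def triage(httpd_v_output, httpd_m_output, lua_scripts):
    """Return (status, scripts_calling_parsebody). Status names are hypothetical."""
    version = parse_version(httpd_v_output)
    if version is None:
        return ("unknown-version", [])
    if version >= FIXED:
        return ("fixed-version", [])
    if not lua_loaded(httpd_m_output):
        return ("upgrade-needed-mod_lua-not-loaded", [])
    hits = sorted(n for n, src in lua_scripts.items() if calls_parsebody(src))
    return ("exposed" if hits else "upgrade-needed-no-parsebody-call-found", hits)

# Constructed sample inputs (not captured from a real host).
SAMPLE_V = "Server version: Apache/2.4.52 (Unix)\nServer built:   Jan  1 2022 00:00:00\n"
SAMPLE_M = "Loaded Modules:\n core_module (static)\n lua_module (shared)\n"
SAMPLE_SCRIPTS = {
    "upload.lua": "function handle(r)\n  local f = r:parsebody(1024)\n  return apache2.OK\nend\n",
    "hello.lua": "function handle(r)\n  -- r:parsebody() is not used here\n  r:puts('hi')\nend\n",
}

if __name__ == "__main__":
    print(triage(SAMPLE_V, SAMPLE_M, SAMPLE_SCRIPTS))
```

The comparison uses upstream version numbers; distribution packages that backport the fix can keep an older version string, so confirm against the vendor's package advisory in that case.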

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22719

https://cwe.mitre.org/data/definitions/665.html
