CVE-2022-22728

CVE-2022-22728: libapreq2 multipart form parse memory corruption

Vendor Apache Software Foundation
Product libapreq2
Weakness CWE-120
Published August 25, 2022
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

A flaw in Apache libapreq2 versions 2.16 and earlier could cause a buffer overflow while processing multipart form uploads. A remote attacker could send a request causing a process crash which could lead to a denial of service attack.

Key dates

02Disclosure timeline

August 25, 2022 CVE published
August 3, 2024 Record updated