CVE-2022-30522

CVE-2022-30522: mod_sed denial of service

Vendor Apache Software Foundation
Product Apache HTTP Server
Weakness CWE-789
Published June 8, 2022
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

If Apache HTTP Server 2.4.53 is configured to do transformations with mod_sed in contexts where the input to mod_sed may be very large, mod_sed may make excessively large memory allocations and trigger an abort.

Key dates

02Disclosure timeline

June 8, 2022 CVE published
August 3, 2024 Record updated