Integer Overflow Vulnerability in Apache HTTP Server 2.4.52 and Earlier
CVE-2022-22721 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.
Learn more about our Cis Benchmark Audit For Apache Http Server.