Apache: >> Libapreq2 Security Vulnerabilities
A flaw in Apache libapreq2 versions 2.16 and earlier could cause a buffer overflow while processing multipart form uploads. A remote attacker could send a request causing a process crash which could lead to a denial of service attack.
CVSS Score
7.5
EPSS Score
0.015
Published
2022-08-25
A flaw in the libapreq2 v2.07 to v2.13 multipart parser can deference a null pointer leading to a process crash. A remote attacker could send a request causing a process crash which could lead to a denial of service attack.
CVSS Score
7.5
EPSS Score
0.024
Published
2020-11-19
Unspecified vulnerability in (1) apreq_parse_headers and (2) apreq_parse_urlencoded functions in Apache2::Request (Libapreq2) before 2.07 allows remote attackers to cause a denial of service (CPU consumption) via unknown attack vectors that result in quadratic computational complexity.
CVSS Score
5.0
EPSS Score
0.071
Published
2006-02-18