Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published:

Updated: 2024-08-04T17:02:08.055Z

Reserved: 2020-12-14T00:00:00

Link: CVE-2020-35452

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-06-10T07:15:07.493

Modified: 2024-11-21T05:27:18.390

Link: CVE-2020-35452

cve-icon Redhat

Severity : Low

Publid Date: 2021-06-04T00:00:00Z

Links: CVE-2020-35452 - Bugzilla

cve-icon OpenCVE Enrichment

No data.