A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published: 2021-12-20T00:00:00

Updated: 2024-08-04T04:32:13.543Z

Reserved: 2021-12-10T00:00:00

Link: CVE-2021-44790

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-12-20T12:15:07.440

Modified: 2023-11-07T03:39:43.780

Link: CVE-2021-44790

cve-icon Redhat

Severity : Important

Publid Date: 2021-12-20T00:00:00Z

Links: CVE-2021-44790 - Bugzilla