Apache Libapreq2 vulnerabilities

CVE-2022-22728 [HIGH] CWE-120 CVE-2022-22728: A flaw in Apache libapreq2 versions 2.16 and earlier could cause a buffer overflow while processing A flaw in Apache libapreq2 versions 2.16 and earlier could cause a buffer overflow while processing multipart form uploads. A remote attacker could send a request causing a process crash which could lead to a denial of service attack.

CVE-2019-12412 [HIGH] CWE-476 CVE-2019-12412: A flaw in the libapreq2 v2.07 to v2.13 multipart parser can deference a null pointer leading to a pr A flaw in the libapreq2 v2.07 to v2.13 multipart parser can deference a null pointer leading to a process crash. A remote attacker could send a request causing a process crash which could lead to a denial of service attack.

CVE-2006-0042 [MEDIUM] CVE-2006-0042: Unspecified vulnerability in (1) apreq_parse_headers and (2) apreq_parse_urlencoded functions in Apa Unspecified vulnerability in (1) apreq_parse_headers and (2) apreq_parse_urlencoded functions in Apache2::Request (Libapreq2) before 2.07 allows remote attackers to cause a denial of service (CPU consumption) via unknown attack vectors that result in quadratic computational complexity.