FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Apache httpd -- Multiple vulnerabilities

Affected packages
		apache24	<	2.4.58

Details

VuXML ID	f923205f-6e66-11ee-85eb-84a93843eb75
Discovery	2023-10-19
Entry	2023-10-19

The Apache httpd project reports:

CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST

CVE-2023-43622: Apache HTTP Server: DoS in HTTP/2 with initial windows size 0

CVE-2023-31122: mod_macro buffer over-read

[source]

References

CVE Name	CVE-2023-31122
CVE Name	CVE-2023-43622
CVE Name	CVE-2023-45802
URL	https://dlcdn.apache.org/httpd/CHANGES_2.4.58