CVE-2020-35452

More information about this CVE will likely be available in a few days.

Description

Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow

Related CPE's

Could not find any relations

References

N/A

N/A

[httpd-announce] 20210609 CVE-2020-35452: mod_auth_digest possible stack overflow by one nul byte

[httpd-dev] 20210610 Re: svn commit: r1890598 - in /httpd/site/trunk/content/security/json: CVE-2019-17567.json CVE-2020-13938.json CVE-2020-13950.json CVE-2020-35452.json CVE-2021-26690.json CVE-2021-26691.json CVE-2021-30641.json CVE-2021-31618.json

[oss-security] 20210609 CVE-2020-35452: Apache httpd: mod_auth_digest possible stack overflow by one nul byte

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics
Created by Yello
About Severity.io