Apache CVE-2006-20001 / CVE-2022-36760 / CVE-2022-37436

What

On January 17, 2023, Apache released version 2.4.55 to address three vulnerabilities (CVE-2006-20001/CVE-2022-36760/CVE-2022-37436).

When/Why

Our development team has reviewed these vulnerabilities and found that FileWave is not vulnerable to any of them.

How

Two of the modules are not used and the third module exploit is not relevant for our implementation. We plan to incorporate Apache version 2.4.55 or later in the next possible release.


Revision #1
Created 21 June 2023 19:45:40 by Josh Levitsky
Updated 21 June 2023 19:46:26 by Josh Levitsky