# Apache CVE-2006-20001 / CVE-2022-36760 / CVE-2022-37436

## What<button aria-label="Copy link to heading" class="css-779anb"><svg height="24" role="presentation" viewbox="0 0 24 24" width="24"></svg></button>

On January 17, 2023, Apache released version 2.4.55 to address three vulnerabilities (CVE-2006-20001/CVE-2022-36760/CVE-2022-37436).

## When/Why<button aria-describedby="5974val-tooltip" aria-label="Copy link to heading" class="css-779anb"><svg height="24" role="presentation" viewbox="0 0 24 24" width="24"></svg></button>

Our development team has reviewed these vulnerabilities and found that FileWave is not vulnerable to any of them.

## How<button aria-label="Copy link to heading" class="css-779anb"><svg height="24" role="presentation" viewbox="0 0 24 24" width="24"></svg></button>

Two of the modules are not used and the third module exploit is not relevant for our implementation. We plan to incorporate Apache version 2.4.55 or later in the next possible release.

## Related Links

- [https://httpd.apache.org/security/vulnerabilities\_24.html](https://httpd.apache.org/security/vulnerabilities_24.html)