Skip to main content

Apache CVE-2006-20001 / CVE-2022-36760 / CVE-2022-37436

What

On January 17, 2023, Apache released versionHTTP Server 2.4.55 to address three vulnerabilities (CVE-2006-20001/20001, CVE-2022-36760/36760, and CVE-2022-37436).37436.

When/Why

Our development team hasFileWave reviewed these vulnerabilities and found that FileWave iswas not vulnerable to any of them.

How

Two of theaffected modules arewere not usedused, and the third moduleissue exploit iswas not relevant forto ourFileWave's implementation. WeThis planpage tois incorporateretained Apacheas versiona 2.4.55historical orFileWave latersecurity inassessment; thekeep nextFileWave possibleServer release.on a supported release so bundled components stay current.