Apache CVE-2006-20001 / CVE-2022-36760 / CVE-2022-37436
What
On January 17, 2023, Apache released versionHTTP Server 2.4.55 to address three vulnerabilities (CVE-2006-20001/20001, CVE-2022-36760/36760, and CVE-2022-37436).37436.
When/Why
Our development team hasFileWave reviewed these vulnerabilities and found that FileWave iswas not vulnerable to any of them.
How
Two of theaffected modules arewere not usedused, and the third moduleissue exploit iswas not relevant forto ourFileWave's implementation. WeThis planpage tois incorporateretained Apacheas versiona 2.4.55historical orFileWave latersecurity inassessment; thekeep nextFileWave possibleServer release.on a supported release so bundled components stay current.