Apache CVE-2006-20001 / CVE-2022-36760 / CVE-2022-37436
What
On January 17, 2023, Apache released version 2.4.55 to address three vulnerabilities (CVE-2006-20001/CVE-2022-36760/CVE-2022-37436).
When/Why
Our development team has reviewed these vulnerabilities and found that FileWave is not vulnerable to any of them.
How
Two of the modules are not used and the third module exploit is not relevant for our implementation. We plan to incorporate Apache version 2.4.55 or later in the next possible release.