In March, an analysis of the Apache HTTP Server mod_sed filter module revealed a vulnerability, CVE-2022-23943, that could lead to a Denial of Service (DoS) due to buffer size miscalculations, and while the initial fix was implemented, it inadvertently introduced another DoS vulnerability, CVE-2022-30522. This vulnerability, rated as "medium" in severity due to its high impact but limited install base, affects Apache httpd 2.4.53 when large amounts of data are processed by the mod_sed filter, causing memory allocation failures. The issue was resolved in version 2.4.54, and mitigation options include upgrading to the latest version or limiting POST request body sizes to prevent triggering the vulnerability. The mod_sed module allows the manipulation of request and response streams similar to GNU’s sed tool, and the vulnerability can be exploited by sending large data amounts, leading to server process crashes and potential complete DoS. If updating is not possible, applying a patch to the mod_sed filter or configuring the LimitRequestBody directive in Apache's settings is recommended to mitigate the issue.