Lucene search

CVE-2020-35452

🗓️ 10 Jun 2021 07:07:15Reported by apacheType

cve🔗 web.nvd.nist.gov📰️ 7 Media mentions👁 2314 Views

CVE-2020-35452: Apache HTTP Server 2.4.0-2.4.46 stack overflow in mod_auth_diges

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 137
Veracode	Denial Of Service (DoS)	13 Jun 202108:39	–	veracode
Prion	Stack overflow	10 Jun 202107:15	–	prion
OSV	CVE-2020-35452	10 Jun 202107:15	–	osv
OSV	UBUNTU-CVE-2020-35452	10 Jun 202107:15	–	osv
OSV	BIT-APACHE-2020-35452	6 Mar 202410:56	–	osv
OSV	SUSE-SU-2021:14749-1 Security update for apache2	17 Jun 202107:53	–	osv
OSV	RHSA-2022:1915 Red Hat Security Advisory: httpd:2.4 security and bug fix update	13 Sep 202420:34	–	osv
OSV	ALSA-2022:1915 Moderate: httpd:2.4 security and bug fix update	10 May 202208:07	–	osv
OSV	RLSA-2022:1915 Moderate: httpd:2.4 security and bug fix update	10 May 202208:07	–	osv
OSV	USN-4994-2 apache2 vulnerabilities	21 Jun 202115:25	–	osv

Nvd

Vulners

Node

apache http_serverRange2.4.0–2.4.46

Node

debian debian_linuxMatch9.0

debian debian_linuxMatch10.0

Node

fedoraproject fedoraMatch34

fedoraproject fedoraMatch35

Node

oracle enterprise_manager_ops_centerMatch12.4.0.0

oracle instantis_enterprisetrackMatch17.1

oracle instantis_enterprisetrackMatch17.2

oracle instantis_enterprisetrackMatch17.3

oracle zfs_storage_appliance_kitMatch8.8

[
  {
    "product": "Apache HTTP Server",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "status": "affected",
        "version": "2.4.46"
      },
      {
        "status": "affected",
        "version": "2.4.43"
      },
      {
        "status": "affected",
        "version": "2.4.41"
      },
      {
        "status": "affected",
        "version": "2.4.39"
      },
      {
        "status": "affected",
        "version": "2.4.38"
      },
      {
        "status": "affected",
        "version": "2.4.37"
      },
      {
        "status": "affected",
        "version": "2.4.35"
      },
      {
        "status": "affected",
        "version": "2.4.34"
      },
      {
        "status": "affected",
        "version": "2.4.33"
      },
      {
        "status": "affected",
        "version": "2.4.29"
      },
      {
        "status": "affected",
        "version": "2.4.28"
      },
      {
        "status": "affected",
        "version": "2.4.27"
      },
      {
        "status": "affected",
        "version": "2.4.26"
      },
      {
        "status": "affected",
        "version": "2.4.25"
      },
      {
        "status": "affected",
        "version": "2.4.23"
      },
      {
        "status": "affected",
        "version": "2.4.20"
      },
      {
        "status": "affected",
        "version": "2.4.18"
      },
      {
        "status": "affected",
        "version": "2.4.17"
      },
      {
        "status": "affected",
        "version": "2.4.16"
      },
      {
        "status": "affected",
        "version": "2.4.12"
      },
      {
        "status": "affected",
        "version": "2.4.10"
      },
      {
        "status": "affected",
        "version": "2.4.9"
      },
      {
        "status": "affected",
        "version": "2.4.7"
      },
      {
        "status": "affected",
        "version": "2.4.6"
      },
      {
        "status": "affected",
        "version": "2.4.4"
      },
      {
        "status": "affected",
        "version": "2.4.3"
      },
      {
        "status": "affected",
        "version": "2.4.2"
      },
      {
        "status": "affected",
        "version": "2.4.1"
      },
      {
        "status": "affected",
        "version": "2.4.0"
      }
    ]
  }
]

Source	Link
debian	www.debian.org/security/2021/dsa-4937
lists	www.lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E
openwall	www.openwall.com/lists/oss-security/2021/06/10/5
lists	www.lists.apache.org/thread.html/rccb1b8225583a48c6360edc7a93cc97ae8b0215791e455dc607e7602%40%3Cannounce.httpd.apache.org%3E
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/
lists	www.lists.debian.org/debian-lts-announce/2021/07/msg00006.html
oracle	www.oracle.com/security-alerts/cpuoct2021.html
security	www.security.netapp.com/advisory/ntap-20210702-0001/
httpd	www.httpd.apache.org/security/vulnerabilities_24.html
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

10 Jun 2021 07:15Current

8.5High risk

Vulners AI Score8.5

CVSS26.8

CVSS37.3

EPSS0.05482

CWE-787