mod_dav out of bounds read, or write of zero byte (CVE-2006-20001)
(moderate)
mod_proxy_ajp Possible request smuggling (CVE-2022-36760) (moderate)
mod_proxy prior to 2.4.55 allows a backend to trigger HTTP response
splitting (CVE-2022-37436) (moderate)

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchapache24< 2.4.55UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	apache24	< 2.4.55	UNKNOWN

References

downloads.apache.org/httpd/CHANGES_2.4.55

altlinux 2

nessus 55

oraclelinux 2

ubuntu 3

almalinux 2

openvas 33

osv 14

redhat 6

amazon 2

rocky 2

fedora 2

kaspersky 1

mageia 1

slackware 1

debian 2

ibm 12

gentoo 1

photon 2

prion 3

veracode 3

redhatcve 3

f5 3

cloudlinux 2

cve 3

ubuntucve 3

cnvd 1

alpinelinux 3

debiancve 3

broadcom 2

cbl_mariner 4

rosalinux 2

hp 1

qualysblog 1

ics 1

oracle 3

altlinux

Security fix for the ALT Linux 9 package apache2 version 1:2.4.55-alt1

2023-02-16 00:00:00

Security fix for the ALT Linux 10 package apache2 version 1:2.4.55-alt1

2023-02-07 00:00:00

nessus

Slackware Linux 14.0 / 14.1 / 14.2 / 15.0 / current httpd Multiple Vulnerabilities (SSA:2023-018-02)

2023-01-18 00:00:00

AlmaLinux 9 : httpd (ALSA-2023:0970)

2023-02-28 00:00:00

EulerOS Virtualization 2.10.1 : httpd (EulerOS-SA-2023-1901)

2023-05-16 00:00:00

oraclelinux

httpd:2.4 security and bug fix update

2023-02-22 00:00:00

httpd security and bug fix update

2023-02-28 00:00:00

ubuntu

Apache HTTP Server vulnerabilities

2023-02-01 00:00:00

Apache HTTP Server vulnerabilities

2023-01-31 00:00:00

Apache HTTP Server vulnerability

2023-02-02 00:00:00

almalinux

Moderate: httpd:2.4 security and bug fix update

2023-02-21 00:00:00

Moderate: httpd security and bug fix update

2023-02-28 00:00:00

openvas

SUSE: Security Advisory (SUSE-SU-2023:0321-1)

2023-02-10 00:00:00

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2023-2240)

2023-06-12 00:00:00

Fedora: Security Advisory for httpd (FEDORA-2023-f6ff3f85eb)

2023-01-29 00:00:00

osv

Moderate: httpd security and bug fix update

2023-04-06 15:53:36

Moderate: httpd:2.4 security and bug fix update

2023-02-22 01:08:53

apache2 vulnerabilities

2023-02-01 13:09:22

redhat

(RHSA-2023:0970) Moderate: httpd security and bug fix update

2023-02-28 07:53:34

(RHSA-2023:0852) Moderate: httpd:2.4 security and bug fix update

2023-02-21 08:48:58

(RHSA-2023:4629) Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 security update

2023-08-15 17:35:29

amazon

Important: httpd

2023-02-17 00:10:00

Important: httpd24

2023-03-17 15:53:00

rocky

httpd security and bug fix update

2023-04-06 15:53:36

httpd:2.4 security and bug fix update

2023-02-22 01:08:53

fedora

[SECURITY] Fedora 37 Update: httpd-2.4.55-1.fc37

2023-01-28 01:27:38

[SECURITY] Fedora 36 Update: httpd-2.4.55-1.fc36

2023-02-03 01:42:01

kaspersky

KLA20167 Multiple vulnerabilities in Apache HTTP Server

2023-01-17 00:00:00

mageia

Updated apache packages fix security vulnerability

2023-02-07 03:06:39

slackware

[slackware-security] httpd

2023-01-18 06:23:09

debian

[SECURITY] [DLA 3351-1] apache2 security update

2023-03-03 16:35:17

[SECURITY] [DSA 5376-1] apache2 security update

2023-03-20 18:52:17

ibm

Security Bulletin: IBM HTTP Server (powered by Apache) for IBM i is vulnerable to HTTP response splitting and denial of service attacks (CVE-2022-37436, CVE-2006-20001)

2023-04-19 15:11:52

Security Bulletin: Multiple security vulnerabilities has been identified in IBM HTTP Server shipped with IBM Rational ClearCase [CVE-2022-28331, CVE-2022-36760, CVE-2022-37436, CVE-2022-25147, CVE-2006-20001]

2023-03-03 06:30:57

Security Bulletin: Vulnerability in Apache HTTP Server (CVE-2022-36760 and CVE-2022-37436 ) affects Power HMC

2023-06-20 09:31:46

gentoo

Apache HTTPD: Multiple Vulnerabilities

2023-09-08 00:00:00

photon

Critical Photon OS Security Update - PHSA-2023-3.0-0522

2023-01-31 00:00:00

Critical Photon OS Security Update - PHSA-2023-4.0-0325

2023-02-01 00:00:00

prion

Design/Logic Flaw

2023-01-17 20:15:00

Code injection

2023-01-17 20:15:00

Design/Logic Flaw

2023-01-17 20:15:00

veracode

Denial Of Service (DoS)

2023-01-20 06:55:49

HTTP Response Splitting

2023-01-21 12:15:11

HTTP Request Smuggling

2023-01-23 12:46:08

redhatcve

CVE-2006-20001

2023-01-18 19:05:06

CVE-2022-36760

2023-01-18 19:05:48

CVE-2022-37436

2023-01-18 19:05:38

K000132525 : Apache vulnerability CVE-2006-20001

2023-02-14 00:00:00

K000132665 : Apache HTTPD vulnerability CVE-2022-37436

2023-02-22 00:00:00

K000132643 : Apache HTTP server vulnerability CVE-2022-36760

2023-02-22 00:00:00

cloudlinux

httpd: Fix of CVE-2006-20001

2023-03-06 21:06:33

httpd: Fix of CVE-2022-36760

2023-01-30 20:52:19

cve

CVE-2006-20001

2023-01-17 20:15:11

CVE-2022-37436

2023-01-17 20:15:11

CVE-2022-36760

2023-01-17 20:15:11

ubuntucve

CVE-2006-20001

2023-01-17 00:00:00

CVE-2022-37436

2023-01-17 00:00:00

CVE-2022-36760

2023-01-17 00:00:00

cnvd

Apache HTTP Server Buffer Overflow Vulnerability (CNVD-2023-80558)

2023-10-19 00:00:00

alpinelinux

CVE-2006-20001

2023-01-17 20:15:11

CVE-2022-37436

2023-01-17 20:15:11

CVE-2022-36760

2023-01-17 20:15:11

debiancve

CVE-2006-20001

2023-01-17 20:15:11

CVE-2022-37436

2023-01-17 20:15:11

CVE-2022-36760

2023-01-17 20:15:11

broadcom

mod_proxy prior to 2.4.55 allows a backend to trigger HTTP response splitting

2023-06-12 00:00:00

CVE-2022-36760 - HTTP Request Smuggling

2023-05-02 00:00:00

cbl_mariner

CVE-2022-37436 affecting package httpd for versions less than 2.4.55-1

2023-02-14 20:36:06

CVE-2022-36760 affecting package httpd 2.4.54-1

2023-02-14 02:35:58

CVE-2022-37436 affecting package httpd 2.4.54-1

2023-02-14 02:35:58

rosalinux

Advisory ROSA-SA-2023-2161

2023-05-03 11:17:19

Advisory ROSA-SA-2023-2159

2023-04-25 11:49:15

HP Device Manager Security Updates

2023-04-13 00:00:00

qualysblog

Oracle Patch Tuesday April 2023 Security Update Review

2023-04-19 11:47:21

ics

Siemens SCALANCE XCM-/XRM-300

2024-02-15 12:00:00

oracle

Oracle Critical Patch Update Advisory - July 2023

2023-07-18 00:00:00

Oracle Critical Patch Update Advisory - April 2023

2023-04-18 00:00:00

Oracle Critical Patch Update Advisory - October 2023

2023-10-17 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
OpenSource

@2024 Vulners Inc

9 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.022 Low

EPSS

Percentile

89.5%

JSON

Related for 00919005-96A3-11ED-86E9-D4C9EF517024