Lucene search
Apache Team FoundationHTTPD:883E996A34F70F5DF670D81697321AABHistoryNov 09, 2014 - 12:00 a.m.
Apache Httpd < 2.4.12 : mod_lua multiple "Require" directive handling is broken
2014-11-0900:00:00
Apache Team Foundation
httpd.apache.org
14
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
59.5%
Fix handling of the Require line in mod_lau when a LuaAuthzProvider is used in multiple Require directives with different arguments. This could lead to different authentication rules than expected.
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache httpd | eq | 2.4.10 | |
| apache httpd | eq | 2.4.9 | |
| apache httpd | eq | 2.4.7 | |
| apache httpd | eq | 2.4.6 | |
| apache httpd | eq | 2.4.4 | |
| apache httpd | eq | 2.4.3 | |
| apache httpd | eq | 2.4.2 | |
| apache httpd | eq | 2.4.1 |
Related
mageia
mageia
Updated apache packages fix CVE-2014-8109
2015-01-07 19:32:10
openvas
openvas
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2016-1039)
2020-01-23 00:00:00
Mageia: Security Advisory (MGASA-2015-0011)
2022-01-28 00:00:00
Apache HTTP Server 'mod_lua' Denial of Service Vulnerability (May 2015)
2015-05-27 00:00:00
prion
prion
Authorization
2014-12-29 23:59:00
nessus
nessus
EulerOS 2.0 SP1 : httpd (EulerOS-SA-2016-1039)
2017-05-01 00:00:00
Fedora 21 : httpd-2.4.12-1.fc21 (2015-9216)
2015-06-03 00:00:00
openSUSE Security Update : apache2 (openSUSE-SU-2014:1726-1)
2014-12-30 00:00:00
cve
cve
CVE-2014-8109
2014-12-29 23:59:00
ubuntucve
ubuntucve
CVE-2014-8109
2014-12-29 00:00:00
debiancve
debiancve
CVE-2014-8109
2014-12-29 23:59:00
fedora
fedora
[SECURITY] Fedora 21 Update: httpd-2.4.12-1.fc21
2015-06-02 15:17:51
[SECURITY] Fedora 21 Update: httpd-2.4.10-15.fc21
2015-03-16 01:41:46
[SECURITY] Fedora 20 Update: httpd-2.4.10-2.fc20
2015-02-28 10:22:55
hackerone
hackerone
f5
f5
Apache vulnerabilities CVE-2014-8109, CVE-2014-3581, CVE-2014-3583
2015-07-03 00:14:00
amazon
amazon
Low: httpd24
2015-02-12 10:57:00
slackware
slackware
[slackware-security] httpd
2015-04-22 01:20:26
freebsd
freebsd
apache24 -- several vulnerabilities
2015-01-29 00:00:00
securityvulns
securityvulns
[USN-2523-1] Apache HTTP Server vulnerabilities
2015-03-15 00:00:00
Apache multiple security vulnerabilities
2015-04-16 00:00:00
APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006
2015-08-17 00:00:00
ubuntu
ubuntu
Apache HTTP Server vulnerabilities
2015-03-10 00:00:00
oracle
oracle
Oracle Critical Patch Update - January 2016
2016-01-19 00:00:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
59.5%
Related for HTTPD:883E996A34F70F5DF670D81697321AAB