logo
DATABASE RESOURCES PRICING ABOUT US

CentOS 8 : httpd:2.4 (CESA-2022:1915)

Description

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:1915 advisory. - httpd: Single zero byte stack overflow in mod_auth_digest (CVE-2020-35452) - httpd: Request splitting via HTTP/2 method injection and mod_proxy (CVE-2021-33193) - httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path (CVE-2021-36160) - httpd: possible NULL dereference or SSRF in forward proxy configurations (CVE-2021-44224) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.


Related