Apache 2.4.x < 2.4.46 Multiple Vulnerabilities

🗓️ 09 Sep 2020 00:00:00Reported by This script is Copyright (C) 2020-2026 and is owned by Tenable, Inc. or an Affiliate thereof.Type

nessus

nessus🔗 www.tenable.com👁 61 Views

Apache 2.4.x < 2.4.46 Multiple Vulnerabilities - mod_proxy_uwsgi info disclosure, remote code execution, HTTP/2 module memory pool misuse, Cache-Digest header cras

Reporter	Title	Published	Views	Family All 258
0day.today	Apache2 mod_proxy_uwsgi Incorrect Request Handling Exploit	31 Aug 202000:00	–	zdt
0day.today	Apache 2 HTTP2 Module Concurrent Pool Usage Vulnerability	8 Dec 202000:00	–	zdt
IBM Security Bulletins	Security Bulletin: Rational Build Forge security advisory for Apache HTTP Server	27 Oct 202020:56	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in Apache HTTP (CVE-2018-17199 and CVE-2020-11993) affects HMC	22 Nov 202106:10	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Maximo Application Suite - IoT Component uses "Apache httpd 2.4" which is vulnerable to multiple CVEs	21 Mar 202506:40	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in Apache HTTP Server affect IBM i	9 Sep 202014:56	–	ibm
FreeBSD	Apache httpd -- Multiple vulnerabilities	7 Aug 202000:00	–	freebsd
ATTACKERKB	CVE-2020-11984 — Multiple Vulnerabilities in Apache Web Server Could Allow for Remote Code Execution	7 Aug 202000:00	–	attackerkb
ATTACKERKB	CVE-2020-9490	7 Aug 202000:00	–	attackerkb
Tenable Nessus	Amazon Linux 2 : httpd (ALAS-2020-1490)	20 Nov 202000:00	–	nessus

Source	Link
httpd	www.httpd.apache.org/security/vulnerabilities_24.html
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
archive	www.archive.apache.org/dist/httpd/CHANGES_2.4.46
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

14 Mar 2023 00:00Current

9.4High risk

Vulners AI Score9.4

CVSS 27.5

CVSS 3.19.8

EPSS0.7629

apache vulnerabilities mod_proxy_uwsgi remote code execution http/2 module memory pool cache-digest header