CVE-2019-10097

🗓️ 01 Apr 2020 20:22:36Reported by redhat.comType

A vulnerability in Apache httpd mod_remoteip could allow a trusted proxy to send crafted headers, leading to stack buffer overflow or NULL pointer dereference

Reporter	Title	Published	Views	Family All 112
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in the IBM i HTTP Server affect IBM i.	18 Dec 201914:26	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in Apache HTTP Server affect Rational Build Forge (CVE-2019-9517, CVE-2019-10081, CVE-2019-10082, CVE-2019-10092, CVE-2019-10097, CVE-2019-10098)	30 Sep 201912:42	–	ibm
IBM Security Bulletins	Security Bulletin: Aspera Web Application (Faspex, Console, Orchestrator, Shares) are affected by Apache vulnerabilities (CVE-2019-9517, CVE-2019-10097)	7 Feb 202002:17	–	ibm
Tenable Nessus	Amazon Linux 2 : httpd (ALAS-2019-1341)	31 Oct 201900:00	–	nessus
Tenable Nessus	Amazon Linux AMI : httpd24 (ALAS-2019-1311) (Internal Data Buffering)	28 Oct 201900:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0017: httpd:2.4 (ALINUX3-SA-2022:0017)	14 May 202500:00	–	nessus
Tenable Nessus	Apache 2.4.x < 2.4.41 Multiple Vulnerabilities	20 Aug 201900:00	–	nessus
Tenable Nessus	CentOS 8 : httpd:2.4 (CESA-2020:4751)	1 Feb 202100:00	–	nessus
Tenable Nessus	Debian DSA-4509-1 : apache2 - security update (Internal Data Buffering)	27 Aug 201900:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP8 : httpd (EulerOS-SA-2020-1155)	25 Feb 202000:00	–	nessus

Source	Link
cve	www.cve.org/CVERecord
nvd	www.nvd.nist.gov/vuln/detail/CVE-2019-10097
httpd	www.httpd.apache.org/security/vulnerabilities_24.html
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

24 Jan 2024 12:25Current

1.7Low risk

Vulners AI Score1.7

CVSS 26

CVSS 3.17.2

CVSS 36.6

EPSS0.23546