A flaw was found in Apache’s HTTP server (httpd) .The mod_proxy_ftp module may use uninitialized memory with proxying to a malicious FTP server. The highest threat from this vulnerability is to data confidentiality.

References

bugzilla.redhat.com/show_bug.cgi?id=1820772

httpd.apache.org/security/vulnerabilities_24.html

nvd.nist.gov/vuln/detail/CVE-2020-1934

www.cve.org/CVERecord?id=CVE-2020-1934

osv 6

prion 1

alpinelinux 1

cve 1

f5 1

hackerone 1

ubuntucve 1

httpd 1

veracode 1

debiancve 1

ibm 14

nessus 42

altlinux 3

openvas 21

mageia 1

kaspersky 1

amazon 2

photon 6

freebsd 1

attackerkb 1

suse 1

archlinux 1

fedora 2

debian 3

ubuntu 1

centos 1

oraclelinux 2

redhat 4

almalinux 1

rocky 1

symantec 1

oracle 2

osv

CVE-2020-1934

2020-04-01 20:15:15

BIT-apache-2020-1934

2024-03-06 10:56:53

apache2 - security update

2020-08-31 00:00:00

prion

Code injection

2020-04-01 20:15:00

alpinelinux

CVE-2020-1934

2020-04-01 20:15:00

cve

CVE-2020-1934

2020-04-01 20:15:00

Apache mod_proxy_ftp vulnerability CVE-2020-1934

2021-03-10 19:35:00

hackerone

Internet Bug Bounty: Use of uninitialized value in ftp_getrc_msg method of mod_proxy_ftp.c

2020-04-04 07:29:16

ubuntucve

CVE-2020-1934

2020-04-01 00:00:00

httpd

Apache Httpd < 2.4.42 : mod_proxy_ftp use of uninitialized value

2020-01-03 00:00:00

veracode

Information Disclosure

2020-06-23 03:36:09

debiancve

CVE-2020-1934

2020-04-01 20:15:00

ibm

Security Bulletin: Multiple security vulnerabilities have been identified in IBM HTTP Server shipped with IBM Rational ClearCase (CVE-2020-1927, CVE-2020-1934)

2020-04-17 21:29:53

Security Bulletin: Vulnerabilities CVE-2020-1927 and CVE-2020-1934 in Apache HTTP Server affect IBM i

2020-06-10 20:52:43

Security Bulletin: Multiple vulnerabilities in IBM HTTP Server used by WebSphere Application Server

2020-04-15 19:22:22

nessus

EulerOS Virtualization 3.0.6.0 : httpd (EulerOS-SA-2020-1749)

2020-07-01 00:00:00

Amazon Linux AMI : httpd24 (ALAS-2020-1370)

2020-06-04 00:00:00

Apache 2.4.x < 2.4.42 Multiple Vulnerabilities

2020-04-10 00:00:00

altlinux

Security fix for the ALT Linux 8 package apache2 version 1:2.4.43-alt1

2020-04-09 00:00:00

Security fix for the ALT Linux 9 package apache2 version 1:2.4.43-alt1

2020-04-08 00:00:00

Security fix for the ALT Linux 10 package apache2 version 1:2.4.43-alt1

2020-04-06 00:00:00

openvas

Apache HTTP Server 2.4.0 < 2.4.42 Multiple Vulnerabilities - Windows

2020-04-03 00:00:00

Apache HTTP Server 2.4.0 < 2.4.42 Multiple Vulnerabilities - Linux

2020-04-03 00:00:00

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2020-1601)

2020-06-03 00:00:00

mageia

Updated apache packages fix security vulnerabilities

2020-04-15 13:12:14

kaspersky

KLA12367 Multiple vulnerabilities in Apache HTTP Server

2020-04-01 00:00:00

amazon

Low: httpd

2020-05-19 18:32:00

Low: httpd24

2020-05-22 20:57:00

photon

Moderate Photon OS Security Update - PHSA-2020-0079

2020-04-10 00:00:00

Moderate Photon OS Security Update - PHSA-2020-3.0-0079

2020-04-10 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-2.0-0228

2020-04-10 00:00:00

freebsd

Apache -- Multiple vulnerabilities

2020-04-01 00:00:00

attackerkb

CVE-2020-1934

2020-04-01 00:00:00

suse

Security update for apache2 (important)

2020-05-02 00:00:00

archlinux

[ASA-202004-14] apache: multiple issues

2020-04-15 00:00:00

fedora

[SECURITY] Fedora 32 Update: httpd-2.4.46-1.fc32

2020-08-31 15:50:53

[SECURITY] Fedora 31 Update: httpd-2.4.46-1.fc31

2020-09-03 16:27:14

debian

[SECURITY] [DSA 4757-1] apache2 security update

2020-08-31 15:10:58

[SECURITY] [DSA 4757-1] apache2 security update

2020-08-31 15:10:58

[SECURITY] [DLA 2706-1] apache2 security update

2021-07-09 08:50:21

ubuntu

Apache HTTP Server vulnerabilities

2020-08-13 00:00:00

centos

httpd, mod_ldap, mod_proxy_html, mod_session, mod_ssl security update

2020-10-20 18:13:33

oraclelinux

httpd security, bug fix, and enhancement update

2020-10-06 00:00:00

httpd:2.4 security, bug fix, and enhancement update

2020-11-10 00:00:00

redhat

(RHSA-2020:3958) Moderate: httpd security, bug fix, and enhancement update

2020-09-29 07:46:42

(RHSA-2020:2646) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP3 security update

2020-06-22 13:04:38

(RHSA-2020:2644) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP3 security update

2020-06-22 12:14:48

almalinux

Moderate: httpd:2.4 security, bug fix, and enhancement update

2020-11-03 12:33:02

rocky

httpd:2.4 security, bug fix, and enhancement update

2020-11-03 12:33:02

symantec

Apache HTTP Server Vulnerabilities Jan 2019 - Apr 2020

2020-06-12 20:41:37

oracle

Oracle Critical Patch Update Advisory - October 2022

2022-10-18 00:00:00

Oracle Critical Patch Update Advisory - July 2020

2020-07-14 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

53.8%

JSON

Related for RH:CVE-2020-1934