Astra Linux - уязвимость в apache2

An attacker who opened an HTTP/2 connection with an initial window size of 0 was able to block the handling of that connection indefinitely in the Apache HTTP Server. This could be used to exhaust server resources, similar to the well-known “slow loris” attack pattern. This issue has been fixed i...

Astra Linux - уязвимость в apache2

When an HTTP/2 stream was reset by a client, there was a time window during which the memory resources associated with the request were not immediately reclaimed. Instead, the de-allocation of those resources was delayed until after the connection was closed. This allowed clients to continue...

Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses

Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58...

TencentOS Server 4: httpd (TSSA-2024:0664)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0664 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

Restaurant POS 1.0 SQL Injection

============================================================================================================================================= | Title : Restaurant POS v1.0 SQL injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3 64 bi...

Online MCQ System 1.0 SQL Injection

============================================================================================================================================= | Title : Online mcq System 1.0 Blind Sql injection vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0...

OPENSUSE-SU-2024:13350-1 apache2-2.4.58-1.1 on GA media

These are all security issues fixed in the apache2-2.4.58-1.1 package on the GA media of openSUSE Tumbleweed...

RHEL 9 : mod_http2 (RHSA-2024:2368)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:2368 advisory. The modhttp2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: httpd:...

Apache HTTP Server Input Validation Error Vulnerability (CNVD-2024-36395)

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. An input validation error vulnerability exists in Apache HTTP Server version 2.4.58 and earlier versions, which can be exploited t...

AZL-39190 CVE-2023-38709 affecting package httpd for versions less than 2.4.59-1

Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58...

AZL-38605 CVE-2023-38709 affecting package httpd for versions less than 2.4.61-1

Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58...

Apache HTTP Server 安全漏洞

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. An input validation error vulnerability exists in Apache HTTP Server version 2.4.58 and earlier versions, which can be exploited t...

EulerOS Virtualization 2.11.1 : httpd (EulerOS-SA-2024-1400)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57...

EulerOS 2.0 SP8 : httpd (EulerOS-SA-2024-1273)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57. CVE-2023-31122 - When a...

BIT-APACHE-2023-43622 Apache HTTP Server: DoS in HTTP/2 with initial windows size 0

An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known "slow loris" attack pattern. This has been fixed in...

EulerOS 2.0 SP9 : httpd (EulerOS-SA-2023-3302)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57. CVE-2023-31122 - When a...

EulerOS Virtualization 2.9.0 : httpd (EulerOS-SA-2024-1010)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57...

EulerOS 2.0 SP10 : httpd (EulerOS-SA-2024-1061)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57. CVE-2023-31122 - When a...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-1061)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[R2] Security Center Version 6.2.1 Fixes Multiple Vulnerabilities

R2 Security Center Version 6.2.1 Fixes Multiple Vulnerabilities Arnie Cabral Mon, 11/20/2023 - 10:08 Security Center leverages third-party software to help provide underlying functionality. One of the third-party components Apache was found to contain vulnerabilities, and updated versions have be...