92 matches found
MiracleLinux 9 : httpd-2.4.62-1.el9 (AXSA:2024-9215:08)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9215:08 advisory. httpd: HTTP response splitting CVE-2023-38709 httpd: HTTP Response Splitting in multiple modules CVE-2024-24795 Tenable has extracted the preceding...
[SECURITY] [DLA 4158-1] fossil security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4158-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler May 09, 2025 https://wiki.debian.org/LTS -...
Debian dla-4158 : fossil - security update
The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4158 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4158-1 [email protected] https://www.debian.org/lts/security/...
RLSA-2024:9306 Moderate: httpd security update
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: HTTP response splitting CVE-2023-38709 httpd: HTTP Response Splitting in multiple modules CVE-2024-24795 For more details about the security issues, including the impact, a...
Linux Distros Unpatched Vulnerability : CVE-2024-24795
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cau...
openSUSE Security Advisory (SUSE-SU-2024:1868-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Azure Linux 3.0 Security Update: httpd (CVE-2024-24795)
The version of httpd installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-24795 advisory. - HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject maliciou...
Moderate: Red Hat Security Advisory: httpd security update
An update for httpd is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
RHEL 9 : httpd (RHSA-2024:9306)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:9306 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: HTTP response...
Moderate: httpd security update
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: HTTP response splitting CVE-2023-38709 httpd: HTTP Response Splitting in multiple modules CVE-2024-24795 For more details about the security issues, including the impact, a...
SUSE SLES15: apache2-mod_uwsgi / uwsgi / uwsgi-emperor_pg / uwsgi-emperor_zeromq / etc (SUSE-SU-2024:3861-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3861-1 advisory. - CVE-2024-24795: Fixed HTTP Response Splitting in multiple modules bsc1222332 Tenable has extracted the preceding description block...
openSUSE Security Advisory (SUSE-SU-2024:3861-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2024:3861-1 Security update for uwsgi
This update for uwsgi fixes the following issues: - CVE-2024-24795: Fixed HTTP Response Splitting in multiple modules bsc1222332...
SUSE SLES15 Security Update : uwsgi (SUSE-SU-2024:3853-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2024:3853-1 advisory. - CVE-2024-24795: Fixed HTTP Response Splitting in multiple modules bsc1222332 Tenable has extracted the preceding description block directly from the...
openSUSE: Security Advisory for uwsgi (SUSE-SU-2024:3853-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-2668)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CLSA-2024-1728479129 Fix CVE(s): CVE-2023-38709, CVE-2024-24795, CVE-2024-27316
SECURITY UPDATE: Memory exhaustion due to excessive HTTP/2 incoming headers buffering - debian/patches/CVE-2024-27316.patch: Fix to bail after too many failed reads, increment count on request headers failed to add - CVE-2024-27316 SECURITY UPDATE: Faulty input validation in the core of Apache...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-2473)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2024-2349)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM HTTP Server is vulnerable to HTTP response splitting due to the included Apache HTTP Server (CVE-2024-24795, CVE-2023-38709)
Summary IBM HTTP Server used by IBM WebSphere Application Server is vulnerable to HTTP response splitting due to the included Apache HTTP Server. Vulnerability Details CVEID:CVE-2024-24795 DESCRIPTION: Apache HTTP Server is vulnerable to HTTP response splitting attacks, caused by a flaw in multip...