986 matches found
MiracleLinux 4 : httpd-2.2.15-60.4.0.1.AXS4 (AXSA:2017-1742:03)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-1742:03 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. Security issues fixed with this release: CVE-2016-8743 RESERVED This candidate ha...
MiracleLinux 4 : httpd-2.2.15-60.5.0.1.AXS4 (AXSA:2017-1918:04)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1918:04 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. CVE-2017-3167 In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.2...
MiracleLinux 3 : httpd-2.2.3-31.2.1AXS3 (AXSA:2009-424:03)
The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2009-424:03 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. Security bugs fixed with this release: CVE-2009-3094 The approxyftphandle...
MiracleLinux 3 : httpd-2.2.3-43.3.0.1.AXS3 (AXSA:2010-433:03)
The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2010-433:03 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. Security issues fixed with this release; CVE-2010-1452 The 1 modcache and...
MiracleLinux 3 : httpd-2.2.3-22.2.1AXS3 (AXSA:2009-77:02)
The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2009-77:02 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. Fixed bugs: CVE-2009-1890 The streamreqbodycl function in modproxyhttp.c i...
MiracleLinux 7 : httpd-2.4.6-99.1.0.10.el7.AXS7 (AXSA:2025-10901:08)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10901:08 advisory. CVE-2024-47252: escape user-supplied data in modssl to prevent untrusted SSL/TLS clients from inserting escape characters into log files...
MiracleLinux 7 : httpd-2.4.6-99.1.0.7.el7.AXS7 (AXSA:2025-9722:03)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9722:03 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. Security fixes: - CVE-2022-30522: fix possible DoS CVEs: CVE-2022-30522 If Apache...
Oracle Linux 7 : httpd (ELSA-2026-0075)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-0075 advisory. - Fix CVE-2025-58098 Orabug: 38816066 - Fixed security update CVE-2024-47252 CVE-2025-49812 Orabug: 38378160 - Differentiate trusted sources Orabug:...
httpd security update
2.4.6-99.0.9.1 - Fix CVE-2025-58098 Orabug: 38816066 2.4.6-99.0.7.1 - Fixed security update CVE-2024-47252 CVE-2025-49812 Orabug: 38378160 2.4.6-99.0.5.1 - Differentiate trusted sources Orabug: 37100272CVE-2024-38476 2.4.6-99.0.3.1 - Opt-ins for unsafe prefixstat and %3f Orabug:...
CVE-1999-0071
Apache httpd cookie buffer overflow for versions 1.1.1 and earlier...
Important: Red Hat Security Advisory: httpd security update
An update for httpd is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
RHEL 8 : httpd:2.4 (RHSA-2026:0012)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0012 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: modmd: Apache HTTP...
Important: httpd
Issue Overview: An integer overflow in the case of failed ACME certificate renewal leads, after a number of failures 30 days in default configurations, to the backoff timer becoming 0. Attempts to renew the certificate then are repeated without delays until it succeeds. This issue affects Apache...
Important: httpd security update
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 httpd: Apache HTTP Server: moduserdir+suexec bypass via AllowOverride FileInfo CVE-2025-66200 httpd:...
ALSA-2025:23919 Important: httpd security update
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 httpd: Apache HTTP Server: moduserdir+suexec bypass via AllowOverride FileInfo CVE-2025-66200 httpd:...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: httpd (UTSA-2025-991046)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991046 advisory. In some modssl configurations on Apache HTTP Server 2.4.35 through to 2.4.63, an access control bypass by trusted clients is possible using TLS 1.3 session resumptio...
AZL-71596 CVE-2025-65082 affecting package httpd for versions less than 2.4.66-1
Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP Server through environment variables set via the Apache configuration unexpectedly superseding variables calculated by the server for CGI programs. This issue affects Apache HTTP Server from 2.4.0 through...
AZL-71863 CVE-2025-55753 affecting package httpd for versions less than 2.4.66-1
An integer overflow in the case of failed ACME certificate renewal leads, after a number of failures 30 days in default configurations, to the backoff timer becoming 0. Attempts to renew the certificate then are repeated without delays until it succeeds. This issue affects Apache HTTP Server: fro...
FreeBSD : Apache httpd -- Multiple vulnerabilities (6ebe4a30-d138-11f0-af8c-8447094a420f)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 6ebe4a30-d138-11f0-af8c-8447094a420f advisory. The Apache httpd project reports: See changelog or 2.4 vulnerabilities for details. Tenable ha...
Advisory ROSA-SA-2025-3082
Software: httpd 2.4.6 OS: rosa-server79 unaffected versions = httpd-2.4.6-99.0.7.res7.1 affected versions httpd-2.4.6-99.0.7.res7.1 CVE-ID: CVE-2024-47252 BDU-ID: 2025-08958 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the modssl function of the Apache HTTP Server web server is related to a failu...