SUSE SLED15 / SLES15 Security Update : apache2 (SUSE-SU-2026:2104-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2104-1 advisory. This update for apache2 fixes the following issues - CVE-2026-23918: http2: double free and possible RCE on...

Security update for apache2

This update for apache2 fixes the following issues CVE-2026-23918: http2: double free and possible RCE on early reset bsc1263957. CVE-2026-24072: modrewrite elevation of privileges via apexpr bsc1263935. CVE-2026-28780: heap buffer overflow in modproxyajp via ajpmsgcheckheader bsc1264163...

apache2-2.4.67-1.1 on GA media (moderate)

apache2-2.4.67-1.1 on GA media Announcement ID: openSUSE-SU-2026:10785-1 Rating: moderate Cross-References: CVE-2026-23918 CVE-2026-24072 CVE-2026-28780 CVE-2026-29168 CVE-2026-29169 CVE-2026-33006 CVE-2026-33007 CVE-2026-33523 CVE-2026-33857 CVE-2026-34032 CVE-2026-34059 CVSS scores:...

[SECURITY] [ERRATUM] [SECURITY] [DLA 4571-1] apache2 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4571-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès May 08, 2026 https://wiki.debian.org/LTS -...

Security Bulletin: IBM HTTP Server is affected by multiple vulnerabilities

Summary IBM HTTP Server used by IBM WebSphere Application Server is affected by multiple vulnerabilities due to libexpat and the included Apache HTTP Server. Vulnerability Details CVEID:CVE-2026-24072 DESCRIPTION: An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier...

[SECURITY] [DLA 4571-1] apache2 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4571-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès May 08, 2026 https://wiki.debian.org/LTS -...

Debian dsa-6248 : apache2 - security update

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6248 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6248-1 [email protected]...

UBUNTU-CVE-2026-24072

An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

Linux Distros Unpatched Vulnerability : CVE-2026-24072

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the http...

CVE-2026-24072 Apache HTTP Server: mod_rewrite elevation of privileges via ap_expr

An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

www/apache24 -- Multiple vulnerabilities

The Apache httpd project reports: modproxyajp: CVE-2026-34059, CVE-2026-34032, CVE-2026-33857, CVE-2026-28780 multiple modules: CVE-2026-33523 modauthnsocache: CVE-2026-33007 modauthdigest: CVE-2026-33006 moddavlock: moddavlock modmd: CVE-2026-29168 modrewrite: CVE-2026-24072 modhttp2:...