Apache HTTP Server mod_isapi Module Buffer Overflow Vulnerability

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. A buffer overflow vulnerability exists in Apache HTTP Server 2.4.53 and earlier versions, which stems from a boundary error in the...

Denial Of Service (DoS)

Apache HTTP Server is vulnerable to denial of service. The vulnerability exists due to a lack of sanitization to the input size allowing an attacker to crash the system via a malicious request to a lua script that calls r:parsebody0...

Apache HTTP Server < 2.4.54 Multiple Vulnerabilities - Windows

Apache HTTP Server is prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...

Apache HTTP Server 2.4.53 DoS Vulnerability - Windows

Apache HTTP Server is prone to a denial of service DoS vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

Apache HTTP Server 2.4.53 DoS Vulnerability - Linux

Apache HTTP Server is prone to a denial of service DoS vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

Apache HTTP Server < 2.4.54 Multiple Vulnerabilities - Linux

Apache HTTP Server is prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...

Apache HTTP Server Data Forgery Issue Vulnerability (CNVD-2022-73123)

Apache HTTP Server is an open source web server from the Apache Foundation. Apache HTTP Server is vulnerable to a data forgery issue that stems from modproxy's X-Forwarded-For hop-by-hop mechanism discard. An attacker could use this vulnerability to bypass IP-based authentication on the source...

Apache HTTP Server mod_sed denial of service vulnerability

Apache HTTP Server is an open source web server from the Apache Foundation. Apache HTTP Server modsed suffers from a denial-of-service vulnerability that stems from the fact that modsed may allocate too much memory and trigger an abort when modsed input is too large. An attacker could exploit thi...

Apache HTTP Server HTTP请求走私漏洞

Apache HTTP Server is an open source web server from the American Apache Apache Foundation. The server is fast, reliable, and extensible via a simple API. HTTP request smuggling vulnerability exists in Apache HTTP Server modproxyajp. An attacker could exploit this vulnerability to smuggle request...

Apache HTTP Server Input Validation Error Vulnerability (CNVD-2022-51059)

Apache HTTP Server is an open source web server from the Apache Foundation. The server is fast, reliable, and extensible via a simple API. Apache HTTP Server 2.4.53 and earlier versions are vulnerable to an input validation error. An attacker could exploit this vulnerability to read unexpected...

Apache HTTP Server Input Validation Error Vulnerability

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. An input validation error vulnerability exists in Apache HTTP Server version 2.4.53 and earlier, which stems from a failure to...

CVE-2022-30522

If Apache HTTP Server 2.4.53 is configured to do transformations with modsed in contexts where the input to modsed may be very large, modsed may make excessively large memory allocations and trigger an abort...

CVE-2022-31813

Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded- headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application...

ALPINE-CVE-2022-28615

Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in apstrcmpmatch when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use...

CVE-2022-28330

Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to process requests with the modisapi module...

CVE-2022-30522

If Apache HTTP Server 2.4.53 is configured to do transformations with modsed in contexts where the input to modsed may be very large, modsed may make excessively large memory allocations and trigger an abort...

CVE-2022-26377

Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in modproxyajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.53 and prior versions...

CVE-2022-31813

Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded- headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application...

ALPINE-CVE-2022-29404

In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody0 may cause a denial of service due to no default limit on possible input size...

CVE-2022-28614

The aprwrite function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using aprwrite or aprputs, such as with modluas r:puts function. Modules compiled and distributed separately from Apache HTTP Server that use t...