Lucene search
K

11648 matches found

NVD
NVD
added 2019/06/11 10:29 p.m.19 views

CVE-2019-0197

A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. Server...

4.9CVSS5.6AI score0.08441EPSS
Exploits0References30
OSV
OSV
added 2019/06/11 10:29 p.m.3 views

DEBIAN-CVE-2019-0197

A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. Server...

4.2CVSS6.7AI score0.08441EPSS
Exploits0References1
NVD
NVD
added 2019/06/11 10:29 p.m.18 views

CVE-2019-0196

A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparison when determining the method of a request and thus process the request incorrectly...

5.3CVSS6.1AI score0.193EPSS
Exploits0References36
OSV
OSV
added 2019/06/11 10:29 p.m.19 views

CVE-2019-0196

A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparison when determining the method of a request and thus process the request incorrectly...

5.3CVSS6.5AI score
Exploits0References36
Prion
Prion
added 2019/06/11 10:29 p.m.25 views

Cross site request forgery (csrf)

A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparison when determining the method of a request and thus process the request incorrectly...

5CVSS5.9AI score0.193EPSS
Exploits0References36Affected Software3
Prion
Prion
added 2019/06/11 10:29 p.m.28 views

Cross site request forgery (csrf)

A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. Server...

4.9CVSS5.4AI score0.08441EPSS
Exploits0References30Affected Software10
Cvelist
Cvelist
added 2019/06/11 9:35 p.m.33 views

CVE-2019-0197

A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. Server...

5.6AI score0.08441EPSS
Exploits0References30
CVE
CVE
added 2019/06/11 9:35 p.m.2153 views

CVE-2019-0197

The CVE-2019-0197 entry concerns Apache HTTP Server 2.4.34–2.4.38. When HTTP/2 is enabled for an http: host or H2Upgrade is enabled for h2 on an https: host, an Upgrade request from http/1.1 to http/2 that is not the first request on a connection could cause misconfiguration and crash. Servers th...

4.9CVSS5.5AI score0.08441EPSS
Exploits0References30Affected Software1
Debian CVE
Debian CVE
added 2019/06/11 9:35 p.m.33 views

CVE-2019-0197

A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. Server...

4.9CVSS6.1AI score0.08441EPSS
Exploits0
NVD
NVD
added 2019/06/11 9:29 p.m.21 views

CVE-2019-0220

A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes '/', directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing wi...

5.3CVSS6.3AI score0.1786EPSS
Exploits0References40
Prion
Prion
added 2019/06/11 9:29 p.m.33 views

Path traversal

A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes '/', directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing wi...

5CVSS6.1AI score0.1786EPSS
Exploits0References40Affected Software5
OSV
OSV
added 2019/06/11 9:29 p.m.1 views

DEBIAN-CVE-2019-0220

A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes '/', directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing wi...

5.3CVSS9.3AI score0.1786EPSS
Exploits0References1
OSV
OSV
added 2019/06/11 9:29 p.m.24 views

CVE-2019-0220

A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes '/', directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing wi...

5.3CVSS6.7AI score
Exploits0References40
OSV
OSV
added 2019/06/11 9:29 p.m.3 views

ALPINE-CVE-2019-0220

A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes '/', directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing wi...

5.3CVSS6.8AI score0.1786EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/06/11 9:2 p.m.40 views

CVE-2019-0196

A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparison when determining the method of a request and thus process the request incorrectly...

6.1AI score0.193EPSS
Exploits0References36
CVE
CVE
added 2019/06/11 9:2 p.m.2201 views

CVE-2019-0196

The CVE-2019-0196 issue affects Apache HTTP Server 2.4.x (noted in several advisories) where the http/2 request handling could access freed memory during a string comparison to determine the request method, potentially causing incorrect request processing. This is tied to mod_http2 and is describ...

5.3CVSS6AI score0.193EPSS
Exploits0References36Affected Software1
Debian CVE
Debian CVE
added 2019/06/11 9:2 p.m.32 views

CVE-2019-0196

A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparison when determining the method of a request and thus process the request incorrectly...

5.3CVSS6.3AI score0.193EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2019/06/11 9:2 p.m.35 views

CVE-2019-0196

A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparison when determining the method of a request and thus process the request incorrectly...

5.3CVSS6.4AI score0.193EPSS
Exploits0
Cvelist
Cvelist
added 2019/06/11 8:49 p.m.59 views

CVE-2019-0220

A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes '/', directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing wi...

6.5AI score0.1786EPSS
Exploits0References40
CVE
CVE
added 2019/06/11 8:49 p.m.4481 views

CVE-2019-0220

CVE-2019-0220 affects Apache HTTP Server 2.4.0–2.4.38. The issue arises when the path component of a request URL contains multiple consecutive slashes; directives like LocationMatch and RewriteRule must account for duplicates in regular expressions because the server may collapse or mishandle the...

5.3CVSS6.4AI score0.1786EPSS
Exploits0References40Affected Software1
Rows per page
Query Builder