CentOS 8 : httpd:2.4 (CESA-2022:1049)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:1049 advisory. - httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling CVE-2022-22720 Note that Nessus has not tested for this issue b...

Critical Photon OS Security Update - PHSA-2022-4.0-0166

Updates of 'squashfs-tools', 'httpd', 'bluez', 'consul' packages of Photon OS have been released...

Critical Photon OS Security Update - PHSA-2022-0455

Updates of 'httpd' packages of Photon OS have been released...

CLSA-2022-1648136281 Fixed CVEs in httpd: CVE-2022-22721, CVE-2022-22720

CVE-2022-22720: simpler connection close logic if discarding the request body fails - CVE-2022-22721: make sure and check that LimitXMLRequestBody fits in system memory...

Important: Red Hat Security Advisory: httpd:2.4 security update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling

A flaw was found in httpd. The inbound connection is not closed when it fails to discard the request body, which may expose the server to HTTP request smuggling...

Important: Red Hat Security Advisory: httpd security update

An update for httpd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling

A flaw was found in httpd. The inbound connection is not closed when it fails to discard the request body, which may expose the server to HTTP request smuggling...

RLSA-2022:1049 Important: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling CVE-2022-22720 For more details about the security issues, including the impact, a CV...

ALSA-2022:1049 Important: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling CVE-2022-22720 For more details about the security issues, including the impact, a CV...

Important: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling CVE-2022-22720 For more details about the security issues, including the impact, a CV...

httpd:2.4 security update

An update is available for httpd, modhttp2, modmd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd packages provide the Apache HTTP Server, a powerful,...

httpd security update

2.4.6-97.0.5.5 - modsession: save one aprstrtok Orabug: 33338149CVE-2021-26690 - replace index.html with Oracle's index page oracleindex.html 2.4.6-97.5 - Resolves: 2065243 - CVE-2022-22720 httpd: HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier...

RHEL 7 : httpd (RHSA-2022:1045)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:1045 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Errors encountered during...

(Pwn2Own) NETGEAR R6700v3 httpd Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service. The issue results from incorrect string matching log...

Fedora: Security Advisory for httpd (FEDORA-2022-b4103753e9)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-1326)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP5 : httpd (EulerOS-SA-2022-1326)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A carefully crafted request body can cause a buffer overflow in the modlua multipart parser r:parsebody called from Lua scripts. The Apache httpd...

Oracle Linux 8 : httpd:2.4 (ELSA-2022-0891)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-0891 advisory. - Resolves: 2059256 - CVE-2021-34798 httpd:2.4/httpd: NULL pointer dereference via malformed requests Tenable has extracted the preceding description...

httpd:2.4 security update

httpd 2.4.37-43.0.2.2 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-43.2 - Resolves: 2059256 - CVE-2021-34798 httpd:2.4/httpd: NULL pointer dereference via malformed requests - Resolves: 2059257 - CVE-2021-39275...