5773 matches found
CVE-2019-17567 affecting package httpd 2.4.46-6
CVE-2019-17567 affecting package httpd 2.4.46-6. An upgraded version of the package is available that resolves this issue...
CVE-2021-40438 affecting package httpd 2.4.46-6
CVE-2021-40438 affecting package httpd 2.4.46-6. An upgraded version of the package is available that resolves this issue...
CVE-2021-41524 affecting package httpd 2.4.49-1
CVE-2021-41524 affecting package httpd 2.4.49-1. An upgraded version of the package is available that resolves this issue...
CVE-2021-36160 affecting package httpd 2.4.46-6
CVE-2021-36160 affecting package httpd 2.4.46-6. An upgraded version of the package is available that resolves this issue...
Oracle Linux 7 : httpd (ELSA-2021-3856)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-3856 advisory. 2.4.6-97.0.1.1 - replace index.html with Oracle's index page oracleindex.html 2.4.6-97.1 - Resolves: 2011729 - CVE-2021-40438 httpd: modproxy: SSRF via a crafte...
Important: httpd
Issue Overview: A NULL pointer dereference was found in Apache httpd modh2. The highest threat from this flaw is to system integrity. CVE-2021-33193 A NULL pointer dereference in httpd allows an unauthenticated remote attacker to crash httpd by providing malformed HTTP requests. The highest threa...
RHEL 7 : httpd (RHSA-2021:3856)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:3856 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modproxy: SSRF via a...
httpd: mod_proxy: SSRF via a crafted request uri-path containing "unix:"
A Server-Side Request Forgery SSRF flaw was found in modproxy of httpd. This flaw allows a remote, unauthenticated attacker to make the httpd server forward requests to an arbitrary server. The attacker could get, modify, or delete resources on other services that may be behind a firewall and...
Important: Red Hat Security Advisory: httpd security update
An update for httpd is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 7.2 Advanced Update Support, Red Hat Enterprise Linux 7.3 Advanced Update Support, Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.6 Advanced Update Support, Red Hat...
httpd security update
2.4.6-97.0.1.1 - replace index.html with Oracle's index page oracleindex.html 2.4.6-97.1 - Resolves: 2011729 - CVE-2021-40438 httpd: modproxy: SSRF via a crafted request uri-path containing 'unix:'...
Oracle Linux 8 : httpd:2.4 (ELSA-2021-3816)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-3816 advisory. - Resolves: 2007234 - CVE-2021-40438 httpd:2.4/httpd: modproxy: SSRF via a crafted request uri-path Tenable has extracted the preceding description blo...
httpd: mod_proxy: SSRF via a crafted request uri-path containing "unix:"
A Server-Side Request Forgery SSRF flaw was found in modproxy of httpd. This flaw allows a remote, unauthenticated attacker to make the httpd server forward requests to an arbitrary server. The attacker could get, modify, or delete resources on other services that may be behind a firewall and...
Important: Red Hat Security Advisory: httpd:2.4 security update
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Important: Red Hat Security Advisory: httpd:2.4 security update
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
httpd: mod_proxy: SSRF via a crafted request uri-path containing "unix:"
A Server-Side Request Forgery SSRF flaw was found in modproxy of httpd. This flaw allows a remote, unauthenticated attacker to make the httpd server forward requests to an arbitrary server. The attacker could get, modify, or delete resources on other services that may be behind a firewall and...
httpd:2.4 security update
httpd 2.4.37-39.1.0.1.1 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-39.1 - Resolves: 2007234 - CVE-2021-40438 httpd:2.4/httpd: modproxy: SSRF via a crafted request uri-path - Resolves: 2007646 - CVE-2021-26691...
RHEL 8 : httpd:2.4 (RHSA-2021:3837)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:3837 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modproxy: SSRF via a...
RHEL 8 : httpd:2.4 (RHSA-2021:3836)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:3836 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modproxy: SSRF via a...
CentOS 8 : httpd:2.4 (CESA-2021:3816)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:3816 advisory. - httpd: modsession: Heap overflow via a crafted SessionHeader value CVE-2021-26691 - httpd: modproxy: SSRF via a crafted request uri-path containing...
RHEL 8 : httpd:2.4 (RHSA-2021:3816)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3816 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modproxy: SSRF v...