Apache -- vulnerability

The Apache httpd Project reports: SECURITY: CVE-2018-17199 modsession: modsessioncookie does not respect expiry time allowing sessions to be reused. SECURITY: CVE-2019-0190 modssl: Fix infinite loop triggered by a client-initiated renegotiation in TLSv1.2 or earlier with OpenSSL 1.1.1 and later. ...

Apache httpd 'mod_http2' Denial of Service Vulnerability

Apache HTTP Server is an open source web server from the Apache Software Foundation. A security vulnerability in the Apache httpd HTTP/2 processing code allows remote attackers to conduct denial-of-service attacks by submitting special requests and in some cases closing multiple connections...