7 matches found
USN-8457-2 mysql-8.0 vulnerabilities
USN-8457-1 fixed several vulnerabilities in MySQL. This update provides the corresponding fixes for MySQL on Ubuntu 20.04 LTS Original advisory details: It was discovered that MySQL Router incorrectly handled repeated TLS protocol upgrade requests. An unauthenticated remote attacker could possibl...
Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : MySQL vulnerabilities (USN-8457-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8457-1 advisory. It was discovered that MySQL Router incorrectly handled repeated TLS protocol upgrade requests. An unauthenticated remote...
Hackney 安全漏洞
Hackney is a program library from Hackney, Inc. A security vulnerability exists in hackney versions prior to 0.10.0 through 4.0.1, which stems from the use of an infinite timeout by the SOCKS5 transport during TLS upgrades, which could result in infinite blocking of the connection process...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2025-2041)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
httpd security update
2.4.62-4.0.1.4 - Replace index.html with Oracle's index page oracleindex.html. 2.4.62-4.4 - Resolves: RHEL-99949 - CVE-2025-49812 httpd: HTTP Session Hijack via a TLS upgrade 2.4.62-4.1 - Resolves: RHEL-99972 - CVE-2024-47252 httpd: insufficient escaping of user-supplied data in modssl - Resolves...
USN-7639-1 apache2 vulnerabilities
It was discovered that the Apache HTTP Server incorrectly handled certain Content-Type response headers. A remote attacker could possibly use this issue to perform HTTP response splitting attacks. CVE-2024-42516 xiaojunjie discovered that the Apache HTTP Server modproxy module incorrectly handled...
DEBIAN-CVE-2025-49812
In some modssl configurations on Apache HTTP Server versions through to 2.4.63, an HTTP desynchronisation attack allows a man-in-the-middle attacker to hijack an HTTP session via a TLS upgrade. Only configurations using "SSLEngine optional" to enable TLS upgrades are affected. Users are recommend...