Alibaba Cloud Linux 3 : 0116: httpd:2.4 (ALINUX3-SA-2024:0116)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0116 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-31122: Out-of-bounds Read...

Alibaba Cloud Linux 3 : 0023: httpd:2.4 (ALINUX3-SA-2022:0023)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0023 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-22720: Apache HTTP Server 2.4.52 and earli...

PT-2025-21655 · Undefined · Undefined

CVE-2025-22756 - CVE-2022-47947: Apache HTTP Server Command Injection CVE ID : CVE-2025-22756 Published : May 14, 2025, 2:15 p.m. | 3 hours, 14 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link f...

PT-2025-21159 · Apache · Apache Http Server

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns unvalidated user input. No information is provided about the estimated number of potentially affected devices or real-world incidents. Recommendations: At the...

PT-2025-21154 · Apache · Apache Http Server

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns a CSRF problem. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was...

PT-2025-21155 · Apache · Apache Http Server

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns an authentication bypass in the Apache HTTP Server. No specific details about the estimated number of potentially affected devices worldwide or real-world...

PT-2025-21158 · Apache · Apache Http Server

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns an authentication bypass in the Apache HTTP Server. No information is provided about the estimated number of potentially affected devices worldwide or real-wor...

Alibaba Cloud Linux 3 : 0144: httpd:2.4 (ALINUX3-SA-2023:0144)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2023:0144 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2006-20001: A carefully crafted If:...

Alibaba Cloud Linux 3 : 0162: httpd:2.4 (ALINUX3-SA-2024:0162)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0162 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-38476: Vulnerability in core of Apache HTT...

Alibaba Cloud Linux 3 : 0017: httpd:2.4 (ALINUX3-SA-2022:0017)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0017 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-0190: A bug exists in the way...

Alibaba Cloud Linux 3 : 0145: httpd:2.4 (ALINUX3-SA-2023:0145)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2023:0145 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-27522: HTTP Response Smuggling vulnerabili...

Important: Red Hat Security Advisory: php security update

An update for php is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

PT-2025-20898 · Apache · Apache Http Server

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns an XML Entity Injection vulnerability. No specific details about affected devices, real-world incidents, or technical exploitation details such as API endpoint...

PT-2025-21639 · Undefined · Undefined

CVE-2025-4668 - Apache HTTP Server Deserialization Vulnerability CVE ID : CVE-2025-4668 Published : May 13, 2025, 9:16 p.m. | 2 hours, 7 minutes ago Description : Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and...

PT-2025-20895 · Apache · Apache Http Server

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns a denial of service. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue w...

PT-2025-20894 · Apache · Apache Http Server

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns unvalidated user input. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issu...

PT-2025-20893 · Apache · Apache Http Server

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns an information disclosure in the Apache HTTP Server. No specific details about the nature of the disclosure or how it can be exploited are provided. There is n...

Important: mod_auth_openidc security update

The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fixes: modauthopenidc: modauthopenidc allows OIDCProviderAuthRequestMethod POSTs to leak...

PT-2025-20613 · Apache · Apache Http Server

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns an unvalidated redirect in the Apache HTTP Server. No information is provided about the estimated number of potentially affected devices worldwide or real-worl...

PT-2025-20610 · Apache · Apache Http Server

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue concerns unvalidated user input in the Apache HTTP Server. No further details are available regarding the estimated number of potentially affected devices or real-world incidents...