5760 matches found
Security Bulletin: IBM Rational Build Forge 8.0.0.24 addresses multiple vulnerabilities by updating Apache HTTP Server
Summary IBM Rational Build Forge 8.0.0.24 addresses multiple vulnerabilities by updating Apache HTTP Server Vulnerability Details CVEID:CVE-2023-27522 DESCRIPTION: Apache HTTP Server is vulnerable to HTTP request smuggling, caused by improper parsing of the HTTP transfer-encoding request header b...
ROS-20231030-05
Apache HTTP Server vulnerability is related to blocking HTTP/2 connection processing if it was opened with 0 initial sliding window size. was opened with the initial sliding window size set to 0. Exploitation of the vulnerability could Allow an attacker acting remotely to cause a denial of servic...
ROS-20231030-01
A vulnerability in the modmacro component of the Apache HTTP Server web server is related to an out-of-field read. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected information...
Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP1 security update
An update is now available for Red Hat JBoss Core Services. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link...
Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP1 security update
Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 1 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RHEL 7 / 8 : Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP1 (RHSA-2023:6105)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:6105 advisory. Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, ...
Security Bulletin: IBM HTTP Server is vulnerable to information disclosure due to the included Apache HTTP Server (CVE-2023-31122)
Summary IBM HTTP Server is vulnerable to information disclosure when using the modmacro module due to the included Apache HTTP Server. Vulnerability Details CVEID:CVE-2023-31122 DESCRIPTION: Apache HTTP Server could allow a remote attacker to obtain sensitive information, caused by an out-of-boun...
The vulnerability of the mod_macro module in the Apache HTTP Server allows a hacker to trigger a service failure.
The vulnerability of the modmacro module in the Apache HTTP Server is related to reading beyond the memory boundaries. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
Fedora: Security Advisory for httpd (FEDORA-2023-de4eba8d86)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
php security update
An update is available for php. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list PHP is an HTML-embedded scripting language commonly used with the Apache HTTP...
RLSA-2023:5927 Important: php:8.0 security update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: XML loading external entity without being enabled CVE-2023-3823 php: phar Buffer mismanagement CVE-2023-3824 php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: DoS...
K000137325: Apache httpd vulnerability CVE-2023-43622
Security Advisory Description An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known "slow loris" attack...
DEBIAN-CVE-2023-43622
An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known "slow loris" attack pattern. This has been fixed in...
ALPINE-CVE-2023-31122
Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57...
CVE-2023-43622
An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known "slow loris" attack pattern. This has been fixed in...
CVE-2023-31122
Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57...
AZL-43639 CVE-2023-43622 affecting package mod_http2 1.15.14-2
An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known "slow loris" attack pattern. This has been fixed in...
DEBIAN-CVE-2023-31122
Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57...
CVE-2023-31122
Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57...
Code injection
An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known "slow loris" attack pattern. This has been fixed in...