Slackware: Security Advisory (SSA:2021-280-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 7 / 8 : Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP11 (RHSA-2022:1389)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1389 advisory. This release adds the new Apache HTTP Server 2.4.37 Service Pack 11 packages that are part of the JBoss Core Services offering. This...

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP11 security update

Updated packages that provide Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 11, fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security...

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP11 security update

Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 11 zip release for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, and Microsoft Windows is available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

Oracle Enterprise Manager Ops Center (Apr 2022 CPU)

The 12.4.0.0 versions of Enterprise Manager Ops Center installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2022 CPU advisory. - Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization component: Web Server Apache HTTP Server...

EulerOS 2.0 SP10 : httpd (EulerOS-SA-2022-1507)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A crafted URI sent to httpd configured as a forward proxy ProxyRequests on can cause a crash NULL pointer dereference or, for configurations mixi...

EulerOS 2.0 SP10 : httpd (EulerOS-SA-2022-1488)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A crafted URI sent to httpd configured as a forward proxy ProxyRequests on can cause a crash NULL pointer dereference or, for configurations mixi...

Oracle HTTP Server (Apr 2022 CPU)

The version of Oracle HTTP Server installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2022 CPU advisory. - Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware component: Web Listener Apache HTTP Server. Supported versions that a...

EulerOS Virtualization 2.10.0 : httpd (EulerOS-SA-2022-1399)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier...

EulerOS Virtualization 2.10.1 : httpd (EulerOS-SA-2022-1373)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier...

Security Bulletin: IBM Security SiteProtector System is affected by Apache HTTP Server vulnerability CVE-2021-39275

Summary IBM Security SiteProtector System has addressed the following vulnerability in Core XPU: Vulnerability Details CVEID: CVE-2021-39275 DESCRIPTION: Apache HTTP Server is vulnerable to a buffer overflow, caused by improper bounds checking by the apescapequotes function. By sending specially...

Security Bulletin: IBM Security SiteProtector System is affected by Apache HTTP Server vulnerabilities (CVE-2021-40438, CVE-2021-34798)

Summary IBM Security SiteProtector System has addressed the following vulnerabilities in Core XPU: Vulnerability Details CVEID: CVE-2021-40438 DESCRIPTION: Apache HTTP Server is vulnerable to server-side request forgery, caused by an error in modproxy. By sending a specially crafted request...

Oracle Linux 8 : httpd:2.4 (ELSA-2022-9276)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9276 advisory. 2.4.37-43.0.3.3 - Resolves: CVE-2021-33193 a crafted method sent through HTTP/2 will bypass validation Orabug: 33942809 Tenable has extracted the preceding...

CVE-2022-24070

A use-after-free vulnerability was found in Subversion in the moddavsvn Apache HTTP server HTTPd module. While looking up path-based authorization authz rules, multiple calls to the postconfig hook can invalidate cached pointers to object-pools, which Subversion subsequently uses. This issue...

Exploit for Path Traversal in Apache Http_Server

Exploit for CVE-2021-41773 and CVE-2021-42013 Path travers...

Exploit for Path Traversal in Apache Http_Server

Exploit for CVE-2021-41773 and CVE-2021-42013 Path travers...

Important: Red Hat Security Advisory: httpd security update

An update for httpd is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Exploit for Server-Side Request Forgery in Resf Rocky_Linux

CVE-2021-40438 Apache forward request CVE CVE-2021-40438...

Important: Red Hat Security Advisory: httpd security update

An update for httpd is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support, Red Hat Enterprise Linux 7.7 Telco Extended Update Support, and Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact...

Exploit for Path Traversal in Apache Http_Server

CVE-2021-41773...