CVE-2021-31618

Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and HTTP response is sent to the client with a status code indicating...

ALPINE-CVE-2021-31618

Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and HTTP response is sent to the client with a status code indicating...

CVE-2021-31618

Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and HTTP response is sent to the client with a status code indicating...

Null pointer dereference

Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and HTTP response is sent to the client with a status code indicating...

CVE-2021-31618

CVE-2021-31618 affects the Apache httpd mod_http2 component. The issue is a NULL pointer dereference in the HTTP/2 header handling when size limits are violated, leading to denial of service by crashing the httpd worker process. Affected releases include mod_http2 1.15.17 and Apache httpd 2.4.47 ...

CVE-2021-31618 NULL pointer dereference on specially crafted HTTP/2 request

Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and HTTP response is sent to the client with a status code indicating...

CVE-2021-31618 NULL pointer dereference on specially crafted HTTP/2 request

Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and HTTP response is sent to the client with a status code indicating...

CVE-2021-31618

Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and HTTP response is sent to the client with a status code indicating...

CVE-2021-31618

Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and HTTP response is sent to the client with a status code indicating...

Privilege Escalation

Apache HTTP Server is vulnerable to privilege escalation. Unprivileged local users can stop httpd on Windows...

Denial Of Service (DoS)

Apache HTTP Server is vulnerable to denial of service. The modproxyhttp can be made to crash via a NULL pointer dereference via malicious requests using both Content-Length and Transfer-Encoding headers...

Denial Of Service (DoS)

Apache HTTP Server is vulnerable to denial of service. A stack overflow in modauthdigest allows an attacker to crash the application...

Denial Of Service(DoS)

Apache HTTP Server is vulnerable to denial of service.A specially crafted Cookie header handled by modsession can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service...

Denial Of Service (DoS)

Apache HTTP Server is vulnerable to denial of service. An attacker is able to crash the server via a malicious SessionHeader sent by an origin server...

Apache HTTP Server Code Issue Vulnerability (CNVD-2022-13199)

Apache HTTP Server is an open source web server from the Apache Foundation. The server is fast, reliable, and extensible via a simple API.A code issue vulnerability exists in Apache HTTP Server, which stems from a NULL pointer dereference error in mod sessions. A remote attacker could use this...

CVE-2021-26691

In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow...

DEBIAN-CVE-2021-26691

In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow...

CVE-2021-26691

In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow...

AZL-6475 CVE-2020-35452 affecting package httpd for versions less than 2.4.46-10

Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in modauthdigest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make i...

ALPINE-CVE-2021-30641

Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'...