Unspecified Vulnerability in Apache HTTP Server (CNVD-2021-44765)

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. There is a security vulnerability in Apache HTTP Server, no details of the vulnerability are provided at this time...

Apache HTTP Server 环境问题漏洞

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. Apache HTTP Server has a security vulnerability in modproxywstunnel, modproxyhttp, no details of the vulnerability are provided at...

Apache HTTP Server 安全漏洞

Apache HTTP Server is an open source web server from the Apache Foundation. The server is fast, reliable, and extensible via a simple API.A denial-of-service vulnerability exists in Apache HTTP Server, which results from a crash caused by a NULL pointer dereference. An attacker could exploit this...

PT-2021-9681 · Apache · Apache Http Server

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions 2.4.0 through 2.4.46 Description: The issue allows unprivileged local users to stop the httpd service on Windows. This was discovered by Ivan Zhakov. Recommendations: For Apache HTTP Server versions 2.4.0 through...

KLA12369 Multiple vulnerabilities in Apache HTTP Server

Multiple vulnerabilities were found in Apache HTTP Server. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Heap overflow vulnerability in modsession can be exploited via special crafted...

Oracle Linux 8 : httpd:2.4 (ELSA-2021-1809)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-1809 advisory. - Resolves: 1677590 - CVE-2018-17199 httpd:2.4/httpd: modsessioncookie does not respect expiry time - Resolves: 1869075 - CVE-2020-11984 httpd:2.4/http...

RHEL 8 : httpd:2.4 (RHSA-2021:1809)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1809 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modsessioncookie...

Moderate: Red Hat Security Advisory: httpd:2.4 security, bug fix, and enhancement update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

ALBA-2021:1933 mod_auth_openidc:2.3 bug fix update

The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. For detailed information on changes in this release, see the AlmaLinux Release Notes linked from t...

mod_auth_openidc:2.3 bug fix update

An update is available for modauthopenidc, cjose. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The modauthopenidc is an OpenID Connect authentication module f...

mod_auth_openidc:2.3 bug fix update

The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. For detailed information on changes in this release, see the AlmaLinux Release Notes linked from t...

httpd:2.4 security, bug fix, and enhancement update

An update is available for httpd, modhttp2, modmd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd packages provide the Apache HTTP Server, a powerful,...

Moderate: httpd:2.4 security, bug fix, and enhancement update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modsessioncookie does not respect expiry time CVE-2018-17199 httpd: modproxyuwsgi buffer overflow CVE-2020-11984 httpd: modhttp2 concurrent pool usage CVE-2020-11993 For mor...

JVN#49704918: mod_auth_openidc vulnerable to denial-of-service (DoS)

modauthopenidc provided by ZmartZone is an OpenID Connect's Relying Party module for Apache HTTP Server. This module contains a denial-of-service DoS vulnerability CWE-400. Impact A remote attacker may cause a denial-of-service DoS condition. Solution Update the software Update to the latest...

PT-2021-3858 · Apache +9 · Apache Http Server +9

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions 2.4.17 through 2.4.48 Description: A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod proxy, which can lead to request splitting or cache poisoning. This issue is related to...

BSA-2020-950

Security Advisory ID : BSA-2020-950 Component : REST API Revision : 1.0 The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services IIS 7.0, modssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier...

Exploit for Cross-site Scripting in Apache Http_Server

This is a PoC exploit for CVE-2019-10092, a Limited Cross-Site Scripting in modproxy Error Page-Apache httpd vulnerability. The target product/service is Apache HTTP Server, and the vulnerability class/vector is XSS. The probable entry points are the start.sh script, which invokes the Apache serv...

PT-2021-5273 · Apache +10 · Apache Http Server +10

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions 2.4.30 through 2.4.48 Description: A carefully crafted request uri-path can cause mod proxy uwsgi to read above the allocated memory and crash, resulting in a denial of service DoS. The issue is related to the mod...

Apache Httpd < 2.4.49 : mod_proxy_uwsgi out of bound read

A carefully crafted request uri-path can cause modproxyuwsgi to read above the allocated memory and crash DoS. This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 inclusive...

PT-2021-3712 · Apache +3 · Apache Http Server +4

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions 2.4.47 mod http2 version 1.15.17 Description: The issue is related to the HTTP/2 protocol handler in the Apache HTTP Server, which checks received request headers against size limitations. If these restrictions are...