Fedora: Security Advisory for php (FEDORA-2020-60f9a47657)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2020-1552)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for php (FEDORA-2020-96cb012029)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for php (FEDORA-2020-62ee541bbb)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-12442

Ivanti Avalanche 6.3 allows a SQL injection that is vaguely associated with the Apache HTTP Server, aka Bug 683250...

Sql injection

Ivanti Avalanche 6.3 allows a SQL injection that is vaguely associated with the Apache HTTP Server, aka Bug 683250...

CVE-2020-12442

Ivanti Avalanche 6.3 allows a SQL injection that is vaguely associated with the Apache HTTP Server, aka Bug 683250...

CVE-2020-12442

Ivanti Avalanche 6.3 is affected by CVE-2020-12442, a SQL injection due to inadequate validation of externally entered SQL statements in the database-based application. The issue is described as being vaguely associated with the Apache HTTP Server (Bug 683250) and is scored as high severity (CVSS...

Moderate: Red Hat Security Advisory: mod_auth_mellon security and bug fix update

An update for modauthmellon is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Moderate: Red Hat Security Advisory: php:7.2 security, bug fix, and enhancement update

An update for the php:7.2 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Moderate: mod_auth_mellon security and bug fix update

The modauthmellon module for the Apache HTTP Server is an authentication service that implements the SAML 2.0 federation protocol. The module grants access based on the attributes received in assertions generated by an IdP server. Security Fixes: modauthmellon: Open Redirect via the login?ReturnT...

Moderate: php:7.2 security, bug fix, and enhancement update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 7.2.24. BZ1726981 Security Fixes: php: Invalid memory access in function xmlrpcdecode CVE-2019-9020 php: File rename across filesystems...

RLSA-2020:1624 Moderate: php:7.2 security, bug fix, and enhancement update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 7.2.24. BZ1726981 Security Fixes: php: Invalid memory access in function xmlrpcdecode CVE-2019-9020 php: File rename across filesystems...

ALSA-2020:1624 Moderate: php:7.2 security, bug fix, and enhancement update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 7.2.24. BZ1726981 Security Fixes: php: Invalid memory access in function xmlrpcdecode CVE-2019-9020 php: File rename across filesystems...

[SECURITY] Fedora 31 Update: php-7.3.17-1.fc31

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

[SECURITY] Fedora 30 Update: php-7.3.17-1.fc30

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

Apache Httpd < 2.4.44 : Push Diary Crash on Specifically Crafted HTTP/2 Header

In Apache HTTP Server versions 2.4.20 to 2.4.43, a specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via "H2Push off" will mitigate this vulnerabilit...

Security Bulletin: Multiple vulnerabilities in Apache HTTP Server affect Rational Build Forge (CVE-2018-1283, CVE-2018-1302, CVE-2018-1303, CVE-2018-1312, CVE-2017-15710, CVE-2017-15715, CVE-2018-1301)

Summary There are multiple vulnerabilities in Apache HTTP Server affecting IBM Rational Build Forge. Vulnerability Details CVEID: CVE-2018-1283 DESCRIPTION: Apache HTTPD could allow a remote attacker to bypass security restrictions, caused by an error when modsession is configured with SessionEnv...

Security Bulletin: A Security vulnerability has been identified in Apache HTTP Server used by Rational Build Forge. (CVE-2017-9798)

Summary Apache HTTP Server has security vulnerability caused due to error in the HTTP Option method. Respective security vulnerability is discussed in detail in the subsequent section. Vulnerability Details CVEID: CVE-2017-9798 DESCRIPTION: Apache HTTP Server could allow a remote attacker to obta...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2020-1505)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...