Apache httpd Cross-Site Scripting Vulnerability

Apache httpd is an open source HTTP server from the Apache Foundation developed and maintained for modern operating systems. Apache httpd suffers from a cross-site scripting vulnerability that stems from a flaw found in modproxycluster that allows a malicious user to add scripts to the alias...

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP2 security update

Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 2 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP2 security update

An update is now available for Red Hat JBoss Core Services. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link...

Exploit for HTTP Request Smuggling in Apache Http_Server

CVE-2023-25690 Mô tả CVE-2023-25690: - Một vài cấu hình mod...

Security Bulletin: IBM Rational Build Forge 8.0.0.25 addresses multiple vulnerabilities

Summary IBM Rational Build Forge 8.0.0.25 addresses multiple vulnerabilities Vulnerability Details CVEID:CVE-2023-42794 DESCRIPTION: Apache Tomcat is vulnerable to a denial of service, caused by accumulation of temporary files on Windows when a web application opened a stream for an uploaded file...

Ubuntu: Security Advisory (USN-6510-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6510-1: Apache HTTP Server vulnerability

David Shoon discovered that the Apache HTTP Server modmacro module incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service...

Ubuntu 16.04 ESM / 18.04 ESM : Apache HTTP Server vulnerability (USN-6510-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-6510-1 advisory. David Shoon discovered that the Apache HTTP Server modmacro module incorrectly handled certain memory operations. A remote attacker could possibly use...

Ubuntu: Security Advisory (USN-6506-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6506-1: Apache HTTP Server vulnerabilities

David Shoon discovered that the Apache HTTP Server modmacro module incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. CVE-2023-31122 Prof. Sven Dietrich, Isa Jafarov, Prof. Heejo Lee, and...

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : Apache HTTP Server vulnerabilities (USN-6506-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6506-1 advisory. David Shoon discovered that the Apache HTTP Server modmacro module incorrectly handled certain memory operations. A remote...

Oracle Linux 9 : httpd / and / mod_http2 (ELSA-2023-6403)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-6403 advisory. - Resolves: 2177753 - CVE-2023-25690 httpd: HTTP request splitting with modrewrite and modproxy modhttp2 Tenable has extracted the preceding description block...

SUSE SLES12 Security Update : apache2 (SUSE-SU-2023:4451-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4451-1 advisory. - Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57. CVE-2023-31122...

Amazon Linux 2023 : httpd, httpd-core, httpd-devel (ALAS2023-2023-433)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-433 advisory. Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57. CVE-2023-31122 A flaw was found in httpd. This flaw allows an attacker...

Moderate: Red Hat Security Advisory: mod_auth_openidc:2.3 security and bug fix update

An update for the modauthopenidc:2.3 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Apache Airflow Authorization Problem Vulnerability (CNVD-2023-93318)

Apache HTTP Server Buffer Overflow Vulnerability CNVD-2023-93320...

SUSE SLES15 Security Update : apache2 (SUSE-SU-2023:4431-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4431-1 advisory. - Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57. CVE-2023-31122...

ALSA-2023:6940 Moderate: mod_auth_openidc:2.3 security and bug fix update

The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fixes: modauthopenidc: Open Redirect in oidcvalidateredirecturl using tab character...

Moderate: mod_auth_openidc:2.3 security and bug fix update

The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fixes: modauthopenidc: Open Redirect in oidcvalidateredirecturl using tab character...

SUSE SLES15 Security Update : apache2 (SUSE-SU-2023:4432-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4432-1 advisory. - Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57. CVE-2023-31122...