Security fix for the ALT Linux 10 package apache2 version 1:2.4.56-alt1

1:2.4.56-alt1 built March 17, 2023 Anton Farygin in task 316447 March 9, 2023 Anton Farygin - 2.4.56 Fixes: CVE-2023-25690, CVE-2023-27522...

SUSE SLES12 Security Update : apache2 (SUSE-SU-2023:0764-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0764-1 advisory. - Some modproxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack...

SUSE-SU-2023:0764-1 Security update for apache2

This update for apache2 fixes the following issues: - CVE-2023-27522: Fixed HTTP response splitting in modproxyuwsgi bsc1209049. - CVE-2023-25690: Fixed HTTP request splitting with modrewrite and modproxy bsc1209047. The following non-security bugs were fixed: - Fixed passing health check does no...

HTTP Request Smuggling

apache2 is vulnerable to HTTP Request Smuggling. Configurations are affected when modproxy is enabled along with some form of RewriteRule or ProxyPassMatch and a non-specific pattern matches some portion of the user-supplied request-target data and is then re-inserted into the proxied...

Debian: Security Advisory (DLA-3351-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

HTTP Request Smuggling

apache2 is vulnerable to HTTP Request Smuggling. The vulnerability exists due to the special characters in the origin response header can truncate/split the response forwarded to the client through the modproxyuwsgi...

Debian: Security Advisory (DLA-284-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-66-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-553-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-1934-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-71-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DLA-3351-1 apache2 - security update

Bulletin has no description...

Malicious Package

Overview apache2 is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...

K89095152: PHP vulnerability CVE-2018-17082

Security Advisory Description The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a "Transfer-Encoding: chunked" request, because the bucket brigade is mishandled in the phphandler function in...

K84341091: Apache2 vulnerability CVE-2019-10081

Security Advisory Description HTTP/2 2.4.20 through 2.4.39 very early pushes, for example configured with "H2PushResource", could lead to an overwrite of memory in the pushing request's pool, leading to crashes. The memory copied is that of the configured push link header values, not data supplie...

SUSE: Security Advisory (SUSE-SU-2023:0447-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 Security Update : apache2-mod_security2 (SUSE-SU-2023:0447-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:0447-1 advisory. - Incorrect handling of '\0' bytes in file uploads in ModSecurity before 2.9.7 may allow for Web Application Firewall bypasses and buffer...

SUSE-SU-2023:0447-1 Security update for apache2-mod_security2

This update for apache2-modsecurity2 fixes the following issues: - CVE-2023-24021: Fixed FILESTMPCONTENT missing complete content bsc1207379...

SUSE: Security Advisory (SUSE-SU-2023:0431-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security fix for the ALT Linux 9 package apache2 version 1:2.4.55-alt1

1:2.4.55-alt1 built Feb. 16, 2023 Anton Farygin in task 314497 Feb. 1, 2023 Anton Farygin - 2.4.55 Fixes: CVE-2022-37436, CVE-2006-20001, CVE-2022-36760...