Lucene search
K

14 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:44 a.m.4 views

SUSE CVE-2017-9789

When under stress, closing many connections, the HTTP/2 handling code in Apache httpd 2.4.26 would sometimes access memory after it has been freed, resulting in potentially erratic behaviour...

4.8CVSS9.5AI score0.09507EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.33 views

SUSE: Security Advisory (SUSE-SU-2018:0261-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.7AI score0.53939EPSS
Exploits0References7
Symantec
Symantec
added 2018/11/07 8:1 a.m.104 views

Apache HTTP Server Vulnerabilities Jul 2017 - Sep 2018

SUMMARY Symantec Network Protection products using affected versions of Apache httpd are susceptible to multiple security vulnerabilities. A remote attacker can obtain sensitive information, bypass intended security restrictions, modify session information in CGI applications, replay authenticate...

6.8CVSS2AI score0.94999EPSS
Exploits9Affected Software4
OSV
OSV
added 2018/01/29 10:41 a.m.14 views

SUSE-SU-2018:0261-1 Recommended update for apache2

This update for apache2 fixes several issues. These security issues were fixed: - CVE-2017-9789: When under stress closing many connections the HTTP/2 handling code would sometimes access memory after it has been freed, resulting in potentially erratic behaviour bsc1048575. - CVE-2017-7659: A...

7.5CVSS7.8AI score0.53939EPSS
Exploits0References7
Mageia
Mageia
added 2017/08/24 7:52 a.m.56 views

Updated apache packages fix security vulnerabilities

In Apache httpd before 2.4.27, the value placeholder in Proxy-Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by modauthdigest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized poo...

9.1CVSS1.2AI score0.5677EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2017/07/20 12:0 a.m.93 views

Apple Mac OS X Multiple Code Execution Vulnerabilities (HT208221)

Apple Mac OS X is prone to multiple code execution vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.2AI score0.7907EPSS
Exploits13References15
OpenVAS
OpenVAS
added 2017/07/17 12:0 a.m.42 views

Apache HTTP Server 'mod_http2' Denial-Of-Service Vulnerability - Linux

Apache HTTP Server is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS7.6AI score0.09507EPSS
Exploits0References4
ArchLinux
ArchLinux
added 2017/07/14 12:0 a.m.42 views

[ASA-201707-15] apache: multiple issues

Arch Linux Security Advisory ASA-201707-15 ========================================== Severity: Critical Date : 2017-07-14 CVE-ID : CVE-2017-9788 CVE-2017-9789 Package : apache Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-350 Summary ======= The package apache...

9.1CVSS1.9AI score0.5677EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2017/07/14 12:0 a.m.52 views

FreeBSD : Apache httpd -- multiple vulnerabilities (457ce015-67fa-11e7-867f-b499baebfeaf)

The Apache httpd project reports : important: Read after free in modhttp2 CVE-2017-9789 When under stress, closing many connections, the HTTP/2 handling code would sometimes access memory after it has been freed, resulting in potentially erratic behaviour. important: Uninitialized memory reflecti...

9.1CVSS6.8AI score0.5677EPSS
Exploits0References4
Slackware Linux
Slackware Linux
added 2017/07/13 7:27 p.m.54 views

[slackware-security] httpd

New httpd packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/httpd-2.4.27-i586-1slack14.2.txz: Upgraded. This update fixes two security issues: Read after free in...

9.1CVSS9.1AI score0.5677EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2017/07/13 4:0 p.m.46 views

CVE-2017-9789

When under stress, closing many connections, the HTTP/2 handling code in Apache httpd 2.4.26 would sometimes access memory after it has been freed, resulting in potentially erratic behaviour...

7.5CVSS8.5AI score0.09507EPSS
Exploits0
CVE
CVE
added 2017/07/13 4:0 p.m.269 views

CVE-2017-9789

CVE-2017-9789 concerns Apache httpd 2.4.26. The HTTP/2 handling code may access memory after it has been freed when under stress (closing many connections), leading to erratic behavior. Connected advisories confirm the vulnerability is in mod_http2 and suggest upgrading to a fixed version (e.g., ...

7.5CVSS8.2AI score0.09507EPSS
Exploits0References22Affected Software1
RedhatCVE
RedhatCVE
added 2017/07/13 3:20 p.m.42 views

CVE-2017-9789

When under stress, closing many connections, the HTTP/2 handling code in Apache httpd 2.4.26 would sometimes access memory after it has been freed, resulting in potentially erratic behaviour...

7.5CVSS1.8AI score0.09507EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2017/07/11 12:0 a.m.89 views

Apache httpd -- multiple vulnerabilities

The Apache httpd project reports: important: Read after free in modhttp2 CVE-2017-9789 When under stress, closing many connections, the HTTP/2 handling code would sometimes access memory after it has been freed, resulting in potentially erratic behaviour. important: Uninitialized memory reflectio...

9.1CVSS1.1AI score0.5677EPSS
Exploits0References1
Rows per page
Query Builder