Lucene search
+L

66 matches found

amazon
amazon
added 2024/10/31 12:0 a.m.42 views

Important: httpd24

Issue Overview: Apache HTTP server 2.4.32 to 2.4.44 modproxyuwsgi info disclosure and possible RCE CVE-2020-11984 Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to...

9.8CVSS6.8AI score0.90039EPSS
Exploits4
nessus
nessus
added 2024/05/28 12:0 a.m.55 views

Oracle Linux 8 : httpd:2.4 (ELSA-2024-3121)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3121 advisory. - Resolves: RHEL-14448 - httpd: modmacro: out-of-bounds read vulnerability CVE-2023-31122 - Resolves: RHEL-29817 - httpd:2.4/modhttp2: httpd:...

9.8CVSS7.2AI score0.99999EPSS
Exploits30References3
oraclelinux
oraclelinux
added 2024/05/24 12:0 a.m.78 views

httpd:2.4 security update

httpd 2.4.37-64.0.1 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-64 - Resolves: RHEL-14448 - httpd: modmacro: out-of-bounds read vulnerability CVE-2023-31122 2.4.37-63 - modxml2enc: fix media type handling Resolves: RHEL-14321 modhttp2 1.15.7-10 - Resolves: RHEL-29817 -...

7.5CVSS7.5AI score0.99999EPSS
Exploits30
nessus
nessus
added 2023/04/25 12:0 a.m.57 views

NewStart CGSL MAIN 6.06 : httpd Multiple Vulnerabilities (NS-SA-2023-1001)

The remote NewStart CGSL host, running version MAIN 6.06, has httpd packages installed that are affected by multiple vulnerabilities: - In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily...

9.8CVSS7.1AI score0.97108EPSS
Exploits11References29
f5
f5
added 2023/02/21 6:33 p.m.107 views

K67175700: Apache vulnerabilities CVE-2020-9490, CVE-2020-11984, CVE-2020-11993

Security Advisory Description CVE-2020-9490 Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via...

9.8CVSS6.5AI score0.90039EPSS
Exploits4
openvas
openvas
added 2022/01/28 12:0 a.m.43 views

Mageia: Security Advisory (MGASA-2020-0327)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.2AI score0.90039EPSS
Exploits4References5
ibm
ibm
added 2021/11/22 6:10 a.m.67 views

Security Bulletin: Vulnerability in Apache HTTP (CVE-2018-17199 and CVE-2020-11993) affects HMC

Summary Apache HTTP is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE's. Vulnerability Details CVEID: CVE-2018-17199 DESCRIPTION: Apache HTTP Server could allow a remote attacker to bypass security restrictions, caused by checking the session expiry time befor...

7.5CVSS8AI score0.58716EPSS
Exploits2Affected Software2
cbl_mariner
cbl_mariner
added 2021/07/08 9:56 p.m.35 views

CVE-2020-11993 affecting package httpd 2.4.43-

CVE-2020-11993 affecting package httpd 2.4.43-. An upgraded version of the package is available that resolves this issue...

7.5CVSS9.9AI score0.58716EPSS
Exploits2
openvas
openvas
added 2021/06/09 12:0 a.m.40 views

SUSE: Security Advisory (SUSE-SU-2020:2311-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.9AI score0.90039EPSS
Exploits4References2
nessus
nessus
added 2021/05/26 12:0 a.m.76 views

Oracle Linux 8 : httpd:2.4 (ELSA-2021-1809)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-1809 advisory. - Resolves: 1677590 - CVE-2018-17199 httpd:2.4/httpd: modsessioncookie does not respect expiry time - Resolves: 1869075 - CVE-2020-11984 httpd:2.4/http...

9.8CVSS6.9AI score0.90039EPSS
Exploits4References4
nessus
nessus
added 2021/05/19 12:0 a.m.125 views

CentOS 8 : httpd:2.4 (CESA-2021:1809)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:1809 advisory. - httpd: modsessioncookie does not respect expiry time CVE-2018-17199 - httpd: modproxyuwsgi buffer overflow CVE-2020-11984 - httpd: modhttp2 concurren...

9.8CVSS7.1AI score0.90039EPSS
Exploits4References4
nessus
nessus
added 2021/05/19 12:0 a.m.93 views

RHEL 8 : httpd:2.4 (RHSA-2021:1809)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1809 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modsessioncookie...

9.8CVSS7.2AI score0.90039EPSS
Exploits4References18
redhat
redhat
added 2021/05/18 2:25 p.m.121 views

Moderate: Red Hat Security Advisory: httpd:2.4 security, bug fix, and enhancement update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS7.1AI score0.90039EPSS
Exploits4References13
osv
osv
added 2021/05/18 6:8 a.m.52 views

ALSA-2021:1809 Moderate: httpd:2.4 security, bug fix, and enhancement update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modsessioncookie does not respect expiry time CVE-2018-17199 httpd: modproxyuwsgi buffer overflow CVE-2020-11984 httpd: modhttp2 concurrent pool usage CVE-2020-11993 For mor...

9.8CVSS7.4AI score0.90039EPSS
Exploits4References4
almalinux
almalinux
added 2021/05/18 6:8 a.m.90 views

Moderate: httpd:2.4 security, bug fix, and enhancement update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modsessioncookie does not respect expiry time CVE-2018-17199 httpd: modproxyuwsgi buffer overflow CVE-2020-11984 httpd: modhttp2 concurrent pool usage CVE-2020-11993 For mor...

9.8CVSS8.4AI score0.90039EPSS
Exploits4References4
osv
osv
added 2021/05/18 6:8 a.m.65 views

RLSA-2021:1809 Moderate: httpd:2.4 security, bug fix, and enhancement update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modsessioncookie does not respect expiry time CVE-2018-17199 httpd: modproxyuwsgi buffer overflow CVE-2020-11984 httpd: modhttp2 concurrent pool usage CVE-2020-11993 For mor...

9.8CVSS7.4AI score0.90039EPSS
Exploits4References12
openvas
openvas
added 2021/04/19 12:0 a.m.37 views

SUSE: Security Advisory (SUSE-SU-2020:2450-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.89744EPSS
Exploits2References6
openvas
openvas
added 2021/04/19 12:0 a.m.39 views

SUSE: Security Advisory (SUSE-SU-2020:3067-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.89744EPSS
Exploits2References6
openvas
openvas
added 2021/04/19 12:0 a.m.42 views

SUSE: Security Advisory (SUSE-SU-2020:2344-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.8AI score0.90039EPSS
Exploits4References6
openvas
openvas
added 2021/03/12 12:0 a.m.38 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2021-1602)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9AI score0.90039EPSS
Exploits4References2
Rows per page
Query Builder