Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2020/04/05 4:53 p.m.38 views

CVE-2019-0197

A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. Server...

4.9CVSS0.4AI score0.08441EPSS
Exploits0References5
Veracode
Veracode
added 2019/11/21 12:17 a.m.32 views

Denial Of Service (DoS)

modhttp2 is vulnerable to denial of service DoS. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, it is possible to crash the application due to late upgrade...

4.2CVSS0.4AI score0.08441EPSS
Exploits0References45Affected Software11
RedHat Linux
RedHat Linux
added 2019/11/20 4:22 p.m.1 views

httpd: mod_http2: possible crash on late upgrade

A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. Server...

4.9CVSS7AI score0.08441EPSS
Exploits0References6
NVD
NVD
added 2019/06/11 10:29 p.m.19 views

CVE-2019-0197

A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. Server...

4.9CVSS5.6AI score0.08441EPSS
Exploits0References30
OSV
OSV
added 2019/06/11 10:29 p.m.30 views

CVE-2019-0197

A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. Server...

4.2CVSS6.4AI score
Exploits0References30
Prion
Prion
added 2019/06/11 10:29 p.m.28 views

Cross site request forgery (csrf)

A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. Server...

4.9CVSS5.4AI score0.08441EPSS
Exploits0References30Affected Software10
AlpineLinux
AlpineLinux
added 2019/06/11 9:35 p.m.42 views

CVE-2019-0197

A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. Server...

4.9CVSS5.9AI score0.08441EPSS
Exploits0
Debian CVE
Debian CVE
added 2019/06/11 9:35 p.m.34 views

CVE-2019-0197

A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. Server...

4.9CVSS6.1AI score0.08441EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2019/06/11 12:0 a.m.48 views

CVE-2019-0197

A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. Server...

4.9CVSS6.7AI score0.08441EPSS
Exploits0References3
Apache Httpd
Apache Httpd
added 2019/01/29 12:0 a.m.65 views

Apache Httpd < 2.4.39 : mod_http2, possible crash on late upgrade

When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. A server that never enabled the h2 protocol or that only enabled it for...

4.9CVSS0.7AI score0.08441EPSS
Exploits0Affected Software1
Rows per page
Query Builder