RHEL 8 : httpd:2.4 (RHSA-2024:5193)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5193 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Security issues via?backe...

RHEL 8 : httpd:2.4 (RHSA-2024:6468)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:6468 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Security issues via?backe...

RHEL 8 : httpd:2.4 (RHSA-2024:6136)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:6136 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Security issues via?backe...

RHEL 8 : httpd:2.4 (RHSA-2024:6583)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:6583 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Security issues via?backe...

ESC8 Relay: SMB to HTTP(S)

This module creates an SMB server and then relays the credentials passed to it to an HTTP server to gain an authenticated connection. Once that connection is established, the module makes an authenticated request for a certificate based on a given template. Module Options msf use...

Moderate: Red Hat Security Advisory: mod_jk security update

An update for modjk is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

RHEL 9 : mod_jk (RHSA-2024:8929)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:8929 advisory. The modjk module is a plugin for the Apache HTTP Server to connect it with the Apache Tomcat servlet engine. Security Fixes: modjk: information...

RHEL 6 / 7 : httpd24-httpd and httpd24-nghttp2 (RHSA-2019:2949)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2949 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: HTTP/2: large amoun...

RHEL 6 / 7 : httpd24-httpd (RHSA-2017:2483)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:2483 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: It was discovered...

Security Bulletin: Multiple vulnerabilities within WebSphere Application and IBM HTTP Server, affect IBM Tivoli Monitoring.

Summary Multiple vulnerabilities within WebSphere Application and IBM HTTP Server which is included as part of IBM Tivoli Monitoring ITM portal server. have been remediated Vulnerability Details CVEID:CVE-2024-45071 DESCRIPTION: IBM WebSphere Application Server is vulnerable to stored cross-site...

Exploit for Code Injection in Vmware Spring_Framework

Project Spring4Shell CVE-2022-22965 Blocker Firewall Se...

Exploit for Code Injection in Vmware Spring_Framework

Project Spring4Shell CVE-2022-22965 Blocker Firewall Se...

CVE-2024-49770 oak's path traversal allows transfer of hidden files within the served root directory

oak is a middleware framework for Deno's native HTTP server, Deno Deploy, Node.js 16.5 and later, Cloudflare Workers and Bun. By default oak does not allow transferring of hidden files with Context.send API. However, prior to version 17.1.3, this can be bypassed by encoding / as its URL encoded...

CVE-2024-49770 oak's path traversal allows transfer of hidden files within the served root directory

oak is a middleware framework for Deno's native HTTP server, Deno Deploy, Node.js 16.5 and later, Cloudflare Workers and Bun. By default oak does not allow transferring of hidden files with Context.send API. However, prior to version 17.1.3, this can be bypassed by encoding / as its URL encoded...

K000148354: Apache vulnerability CVE-2024-40725

Security Advisory Description A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source...

Important: httpd24

Issue Overview: Apache HTTP server 2.4.32 to 2.4.44 modproxyuwsgi info disclosure and possible RCE CVE-2020-11984 Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to...

Security Bulletin: Multiple Vulnerabilities in http-server affect Cloud Pak System

Summary Multiple Vulnerabilities in http-server affect Cloud Pak System. Vulnerability Details CVEID:CVE-2024-38474 DESCRIPTION: Apache HTTP Server could allow a remote attacker to execute arbitrary code on the system, caused by a substitution encoding issue in modrewrite. By sending a specially...

Advisory ROSA-SA-2024-2515

Software: httpd 2.4.6 OS: rosa-server79 packageevrstring: httpd-2.4.6-99.0.5.res7.1 CVE-ID: CVE-2021-26690 BDU-ID: 2021-03681 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Apache HTTP Server web server is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-2688)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-2736)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...