Fedora: Security Advisory for httpd (FEDORA-2023-de4eba8d86)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the mod_macro module in the Apache HTTP Server allows a hacker to trigger a service failure.

The vulnerability of the modmacro module in the Apache HTTP Server is related to reading beyond the memory boundaries. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

RLSA-2023:5926 Important: php security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: XML loading external entity without being enabled CVE-2023-3823 php: phar Buffer mismanagement CVE-2023-3824 php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: DoS...

php security update

An update is available for php. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list PHP is an HTML-embedded scripting language commonly used with the Apache HTTP...

RLSA-2023:5927 Important: php:8.0 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: XML loading external entity without being enabled CVE-2023-3823 php: phar Buffer mismanagement CVE-2023-3824 php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: DoS...

Rockwell Automation Stratix 5800 and Stratix 5200 (UPDATE A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION : Exploitable remotely/low attack complexity/known public exploitation Vendor : Rockwell Automation Equipment : Stratix 5800 and Stratix 5200 Vulnerabilities : Unprotected Alternate Channel, OS Command Injection 2. RISK EVALUATION Successful...

[SECURITY] Fedora 38 Update: httpd-2.4.58-1.fc38

The Apache HTTP Server is a powerful, efficient, and extensible web server...

K000137326: Apache mod_macro vulnerability CVE-2023-31122

Security Advisory Description Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.57. CVE-2023-31122 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development ha...

K000137325: Apache httpd vulnerability CVE-2023-43622

Security Advisory Description An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known "slow loris" attack...

DEBIAN-CVE-2023-31122

Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57...

CVE-2023-43622

An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known "slow loris" attack pattern. This has been fixed in...

CVE-2023-31122

Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57...

AZL-43639 CVE-2023-43622 affecting package mod_http2 1.15.14-2

An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known "slow loris" attack pattern. This has been fixed in...

CVE-2023-31122

Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57...

ALPINE-CVE-2023-31122

Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57...

DEBIAN-CVE-2023-43622

An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known "slow loris" attack pattern. This has been fixed in...

CVE-2023-31122

Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57...

Code injection

An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known "slow loris" attack pattern. This has been fixed in...

Cross site scripting

Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57...

CVE-2023-43622

An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known "slow loris" attack pattern. This has been fixed in...