RHEL 8 : httpd:2.4 (RHSA-2025:15619)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:15619 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: insufficient...

EulerOS 2.0 SP12 : httpd (EulerOS-SA-2025-2010)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In some modssl configurations on Apache HTTP Server versions through to 2.4.63, an HTTP desynchronisation attack allows a man-in-the-middle attacke...

EulerOS 2.0 SP12 : httpd (EulerOS-SA-2025-2041)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In some modssl configurations on Apache HTTP Server versions through to 2.4.63, an HTTP desynchronisation attack allows a man-in-the-middle attacke...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2025-2099)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHSA-2025:15516 Red Hat Security Advisory: httpd:2.4 security update

Bulletin has no description...

RHEL 8 : httpd:2.4 (RHSA-2025:15516)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:15516 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: insufficient...

httpd: mod_proxy_http2: untrusted input from a client causes an assertion to fail in the Apache mod_proxy_http2 module

An assertion failure flaw was found in Apache httpd. Untrusted clients can send inputs that trigger an assertion failure in the modproxyhttp2 module, which likely results in an Apache HTTP server crash or denial of service DoS...

httpd:2.4 security update

An update is available for module.modhttp2, httpd, module.modmd, modhttp2, modmd, module.httpd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd package...

CVE-2025-10034 D-Link DIR-825 httpd ping6_response.cg get_ping6_app_stat buffer overflow

A vulnerability was found in D-Link DIR-825 1.08.01. This impacts the function getping6appstat of the file ping6response.cg of the component httpd. Performing manipulation of the argument ping6ipaddr results in buffer overflow. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-10034 D-Link DIR-825 httpd ping6_response.cg get_ping6_app_stat buffer overflow

A vulnerability was found in D-Link DIR-825 1.08.01. This impacts the function getping6appstat of the file ping6response.cg of the component httpd. Performing manipulation of the argument ping6ipaddr results in buffer overflow. It is possible to initiate the attack remotely. The exploit has been...

OESA-2025-2170 httpd security update

Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications hosted or proxied by the server can split the HTTP respons...

RHSA-2025:15123 Red Hat Security Advisory: httpd:2.4 security update

Bulletin has no description...

Oracle Linux 8 : httpd:2.4 (ELSA-2025-15123)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-15123 advisory. - Resolves: RHEL-99944 - CVE-2025-49812 httpd: HTTP Session Hijack via a TLS upgrade - Resolves: RHEL-99969 - CVE-2024-47252 httpd: insufficient...

Amazon Linux 2 : httpd, --advisory ALAS2-2025-2982 (ALAS-2025-2982)

The version of httpd installed on the remote host is prior to 2.4.65-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2982 advisory. A bug in Apache HTTP Server 2.4.64 results in all RewriteCond expr ... tests evaluating as true. Users are recommended to upgrade to...

Medium: httpd

Issue Overview: A bug in Apache HTTP Server 2.4.64 results in all "RewriteCond expr ..." tests evaluating as "true". Users are recommended to upgrade to version 2.4.65, which fixes the issue. CVE-2025-54090 Affected Packages: httpd Note: This advisory is applicable to Amazon Linux 2 AL2 Core...

httpd: mod_proxy_http2: untrusted input from a client causes an assertion to fail in the Apache mod_proxy_http2 module

An assertion failure flaw was found in Apache httpd. Untrusted clients can send inputs that trigger an assertion failure in the modproxyhttp2 module, which likely results in an Apache HTTP server crash or denial of service DoS...

httpd: insufficient escaping of user-supplied data in mod_ssl

A vulnerability was found in the Apache HTTP Server. Insufficient escaping of user-supplied data in modssl allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%varnamex" or "%varnamec" to...

Moderate: Red Hat Security Advisory: httpd:2.4 security update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

RHSA-2025:15095 Red Hat Security Advisory: httpd security update

Bulletin has no description...

RHEL 10 : httpd (RHSA-2025:15095)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:15095 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: insufficient...