Moderate: httpd security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modmacro: out-of-bounds read vulnerability CVE-2023-31122 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

ALSA-2024:2564 Moderate: mod_http2 security update

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: modhttp2: httpd: CONTINUATION frames DoS CVE-2024-27316 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

RHEL 9 : httpd (RHSA-2024:2278)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2278 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modmacro: out-of-bounds...

ALSA-2024:2278 Moderate: httpd security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modmacro: out-of-bounds read vulnerability CVE-2023-31122 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

ALSA-2024:2368 Moderate: mod_http2 security update

The modhttp2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: httpd: modhttp2: DoS in HTTP/2 with initial window size 0 CVE-2023-43622 modhttp2: reset requests exhaust memory incomplete fix of CVE-2023-44487 CVE-2023-45802 For mo...

Moderate: mod_http2 security update

The modhttp2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: httpd: modhttp2: DoS in HTTP/2 with initial window size 0 CVE-2023-43622 modhttp2: reset requests exhaust memory incomplete fix of CVE-2023-44487 CVE-2023-45802 For mo...

CVE-2023-31889

An issue discovered in httpd in ASUS RT-AC51U with firmware version up to and including 3.0.0.4.380.8591 allows local attackers to cause a denial of service via crafted GET request...

CVE-2023-31889

An issue discovered in httpd in ASUS RT-AC51U with firmware version up to and including 3.0.0.4.380.8591 allows local attackers to cause a denial of service via crafted GET request...

CVE-2023-31889

An issue discovered in httpd in ASUS RT-AC51U with firmware version up to and including 3.0.0.4.380.8591 allows local attackers to cause a denial of service via crafted GET request...

CVE-2023-31889

CVE-2023-31889 affects ASUS RT-AC51U with firmware versions up to 3.0.0.4.380.8591. The issue is an HTTPD service vulnerability allowing local attackers to cause a denial of service via a crafted GET request. Connected sources confirm the affected product and impact as described; there is no deta...

PT-2024-12290 · Asus · Asus Rt-Ac51U

Name of the Vulnerable Software and Affected Versions: ASUS RT-AC51U firmware versions up to and including 3.0.0.4.380.8591 Description: The issue allows local attackers to cause a denial of service via crafted GET request to the httpd service. Recommendations: For firmware versions up to and...

Amazon Linux 2023 : httpd, httpd-core, httpd-devel (ALAS2023-2024-607)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-607 advisory. Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58...

[SECURITY] Fedora 38 Update: mod_http2-2.0.27-1.fc38

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers...

[SECURITY] Fedora 39 Update: mod_http2-2.0.27-1.fc39

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers...

[SECURITY] Fedora 40 Update: mod_http2-2.0.27-1.fc40

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers...

RHEL 5 : httpd and httpd22 (RHSA-2010:0011)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2010:0011 advisory. - httpd: NULL pointer defer in modproxyftp caused by crafted EPSV and PASV reply CVE-2009-3094 - httpd: modproxyftp FTP command injection vi...

RHEL 6 : httpd and httpd22 (RHSA-2011:1329)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2011:1329 advisory. The Apache HTTP Server is a popular web server. A flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker coul...

Important: Red Hat Security Advisory: mod_http2 security update

An update for modhttp2 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Important: mod_http2 security update

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: httpd: CONTINUATION frames DoS CVE-2024-27316 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

ALSA-2024:1872 Important: mod_http2 security update

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: httpd: CONTINUATION frames DoS CVE-2024-27316 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...