CentOS 8 : httpd:2.4 (CESA-2021:4537)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:4537 advisory. - httpd: Regression of CVE-2021-40438 and CVE-2021-26691 fixes in Red Hat Enterprise Linux 8.5 CVE-2021-20325 Note that Nessus has not tested for this issue but...

RHEL 8 : httpd:2.4 (RHSA-2021:4537)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:4537 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Regression of...

httpd: mod_session: Heap overflow via a crafted SessionHeader value

A heap overflow flaw was found In Apache httpd modsession. The highest threat from this vulnerability is to system availability...

httpd: mod_proxy_wstunnel tunneling of non Upgraded connection

A flaw was found in Apache httpd. The modproxywstunnel module tunnels non-upgraded connections...

httpd: mod_proxy_wstunnel tunneling of non Upgraded connection

A flaw was found in Apache httpd. The modproxywstunnel module tunnels non-upgraded connections...

httpd: NULL pointer dereference via malformed requests

A NULL pointer dereference in httpd allows an unauthenticated remote attacker to crash httpd by providing malformed HTTP requests. The highest threat from this vulnerability is to system availability...

ALBA-2021:4604 httpd:2.4 bug fix update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Bug Fixes: proxy rewrite to unix socket fails with CVE-2021-40438 fix BZ2017854, BZ2017855, BZ2017856...

2.4 bug fix update

An update is available for httpd, modhttp2, modmd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd packages provide the Apache HTTP Server, a powerful,...

Important: Red Hat Security Advisory: httpd:2.4 security update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

httpd: Regression of CVE-2021-40438 and CVE-2021-26691 fixes in Red Hat Enterprise Linux 8.5

Missing fixes for CVE-2021-40438 and CVE-2021-26691 in the versions of httpd, as shipped in Red Hat Enterprise Linux 8.5.0, causes a security regression compared to the versions shipped in Red Hat Enterprise Linux 8.4. A user who installs or updates to Red Hat Enterprise Linux 8.5.0 would be...

RLSA-2021:4537 Important: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Regression of CVE-2021-40438 and CVE-2021-26691 fixes in Rocky Linux 8.5 CVE-2021-20325 For more details about the security issues, including the impact, a CVSS score,...

httpd:2.4 security update

An update is available for httpd, modhttp2, modmd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd packages provide the Apache HTTP Server, a powerful,...

Important: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Regression of CVE-2021-40438 and CVE-2021-26691 fixes in AlmaLinux CVE-2021-20325 For more details about the security issues, including the impact, a CVSS score,...

ALSA-2021:4537 Important: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Regression of CVE-2021-40438 and CVE-2021-26691 fixes in AlmaLinux CVE-2021-20325 For more details about the security issues, including the impact, a CVSS score,...

httpd: Unexpected URL matching with 'MergeSlashes OFF'

A flaw was found in Apache httpd. A possible regression from an earlier security fix broke behavior of MergeSlashes. The highest threat from this vulnerability is to data integrity...

Moderate: Red Hat Security Advisory: httpd:2.4 security, bug fix, and enhancement update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVE-2021-20325

Missing fixes for CVE-2021-40438 and CVE-2021-26691 in the versions of httpd, as shipped in Red Hat Enterprise Linux 8.5.0, causes a security regression compared to the versions shipped in Red Hat Enterprise Linux 8.4. A user who installs or updates to Red Hat Enterprise Linux 8.5.0 would be...

RLSA-2021:4257 Moderate: httpd:2.4 security, bug fix, and enhancement update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modsession: NULL pointer dereference when parsing Cookie header CVE-2021-26690 httpd: Unexpected URL matching with 'MergeSlashes OFF' CVE-2021-30641 For more details about t...

Moderate: httpd:2.4 security, bug fix, and enhancement update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modsession: NULL pointer dereference when parsing Cookie header CVE-2021-26690 httpd: Unexpected URL matching with 'MergeSlashes OFF' CVE-2021-30641 For more details about t...

httpd:2.4 security, bug fix, and enhancement update

An update is available for httpd, modhttp2, modmd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd packages provide the Apache HTTP Server, a powerful,...