Fedora: Security Advisory for httpd (FEDORA-2022-e620fb15d5)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Privilege escalation

Nucleus CMS v3.71 is affected by a file upload vulnerability. In this vulnerability, we can use upload to change the upload path to the path without the Htaccess file. Upload an Htaccess file and write it to AddType application / x-httpd-php.jpg. In this way, an attacker can upload a picture with...

Apache HTTPD Server ap_escape_html2 Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apache HTTPD Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the apescapehtml2 function. The issue results from the lack of proper validation of...

Fixed CVEs in httpd: CVE-2022-31813, CVE-2022-28615, CVE-2022-26377

CVE-2022-26377: modproxyajp: fix HTTP request smuggling - CVE-2022-28615: fix possible out-of-bounds read in apstrcmpmatch - CVE-2022-31813: modproxy: preserve original request headers so an upstream knows what the original request hostname was, and so send X-Forwarded- headers correctly...

CLSA-2022-1656430723 Fixed CVEs in httpd: CVE-2022-28615, CVE-2022-31813, CVE-2022-26377

CVE-2022-26377: modproxyajp: fix HTTP request smuggling - CVE-2022-28615: fix possible out-of-bounds read in apstrcmpmatch - CVE-2022-31813: modproxy: preserve original request headers so an upstream knows what the original request hostname was, and so send X-Forwarded- headers correctly...

CLSA-2022-1656429967 Fixed CVEs in httpd-39.module_el8.4.0+2061+54659116.1.tuxcare.centos8.4-els: CVE-2022-28615, CVE-2022-31813, CVE-2022-30556, CVE-2022-26377, CVE-2022-30522

CVE-2022-30522: modsed: limit memory usage - CVE-2022-26377: modproxyajp: fix HTTP request smuggling - CVE-2022-28615: fix possible out-of-bounds read in apstrcmpmatch - CVE-2022-30556: modlua: fix r:wsread to not return length that point past the end of the storage allocated for the buffer -...

Critical Photon OS Security Update - PHSA-2022-0409

Updates of 'linux-esx', 'linux-secure', 'linux-aws', 'linux-rt', 'linux', 'httpd' packages of Photon OS have been released...

Critical Photon OS Security Update - PHSA-2022-3.0-0409

Updates of 'linux-esx', 'linux', 'linux-aws', 'linux-rt', 'httpd', 'linux-secure' packages of Photon OS have been released...

Low: Red Hat Security Advisory: httpd:2.4 security update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

httpd: mod_proxy NULL pointer dereference

A flaw was found In Apache httpd. The modproxy has a NULL pointer dereference. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

httpd:2.4 security update

An update is available for httpd, modhttp2, modmd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd packages provide the Apache HTTP Server, a powerful,...

Critical Photon OS Security Update - PHSA-2022-0202

Updates of 'httpd', 'openssl' packages of Photon OS have been released...

RHEL 8 : httpd:2.4 (RHSA-2022:5163)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:5163 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modproxy NULL pointer...

Critical Photon OS Security Update - PHSA-2022-4.0-0202

Updates of 'openssl', 'libtiff', 'httpd' packages of Photon OS have been released...

Critical Photon OS Security Update - PHSA-2022-0489

Updates of 'httpd' packages of Photon OS have been released...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-1893)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP5 : httpd (EulerOS-SA-2022-1893)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-1843)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-1867)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : httpd (EulerOS-SA-2022-1867)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP...