727 matches found
Important: Red Hat Security Advisory: httpd security update
An update for httpd is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...
A server side include handling flaw has been discovered in the Apache HTTP server. When Server Side Includes SSI areenabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives an attacker may be able to inject commands executed by the server...
Important: Red Hat Security Advisory: httpd security update
An update for httpd is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...
A server side include handling flaw has been discovered in the Apache HTTP server. When Server Side Includes SSI areenabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives an attacker may be able to inject commands executed by the server...
httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...
A server side include handling flaw has been discovered in the Apache HTTP server. When Server Side Includes SSI areenabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives an attacker may be able to inject commands executed by the server...
httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...
A server side include handling flaw has been discovered in the Apache HTTP server. When Server Side Includes SSI areenabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives an attacker may be able to inject commands executed by the server...
Important: Red Hat Security Advisory: httpd security update
An update for httpd is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
RHEL 9 : httpd (RHSA-2026:0139)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:0139 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: Serve...
SUSE SLES15: apache2 / apache2-devel / apache2-event / apache2-manual / etc (SUSE-SU-2026:0020-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0020-1 advisory. - CVE-2025-55753: Fixed modmd ACME unintended retry intervals bsc1254511 - CVE-2025-65082: Fixed CGI environment...
RHEL 9 : httpd (RHSA-2026:0095)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:0095 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: Serve...
SUSE SLES15: apache2 / apache2-devel / apache2-doc / apache2-prefork / etc (SUSE-SU-2026:0019-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0019-1 advisory. - CVE-2025-55753: Fixed modmd ACME unintended retry intervals bsc1254511 - CVE-2025-65082: Fixed CGI environment variable override...
RHEL 9 : httpd (RHSA-2026:0090)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:0090 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: Serve...
RHEL 9 : httpd (RHSA-2026:0141)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:0141 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: Serve...
httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...
A server side include handling flaw has been discovered in the Apache HTTP server. When Server Side Includes SSI areenabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives an attacker may be able to inject commands executed by the server...
httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...
A server side include handling flaw has been discovered in the Apache HTTP server. When Server Side Includes SSI areenabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives an attacker may be able to inject commands executed by the server...
Important: Red Hat Security Advisory: httpd security update
An update for httpd is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
CLSA-2026-1767613214 httpd: Fix of CVE-2025-58098
CVE-2025-58098: fix modcgid to not pass arguments for SSI requests...
Security update for apache2
This update for apache2 fixes the following issues: CVE-2025-55753: Fixed modmd ACME unintended retry intervals bsc1254511 CVE-2025-65082: Fixed CGI environment variable override bsc1254514 CVE-2025-58098: Fixed Server Side Includes adding query string to exec cmd=... bsc1254512 CVE-2025-66200:...
SUSE-SU-2026:0020-1 Security update for apache2
This update for apache2 fixes the following issues: - CVE-2025-55753: Fixed modmd ACME unintended retry intervals bsc1254511 - CVE-2025-65082: Fixed CGI environment variable override bsc1254514 - CVE-2025-58098: Fixed Server Side Includes adding query string to exec cmd=... bsc1254512 -...
Security update for apache2
This update for apache2 fixes the following issues: CVE-2025-55753: Fixed modmd ACME unintended retry intervals bsc1254511 CVE-2025-65082: Fixed CGI environment variable override bsc1254514 CVE-2025-58098: Fixed Server Side Includes adding query string to exec cmd=... bsc1254512 CVE-2025-66200:...