94 matches found
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-2736)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP11 : httpd (EulerOS-SA-2024-2557)
According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution viabackend...
EulerOS 2.0 SP11 : httpd (EulerOS-SA-2024-2583)
According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution viabackend...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-2529)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
httpd: Security issues via backend applications whose response headers are malicious or exploitable
A flaw was found in httpd. Backend applications whose response headers are malicious or exploitable may allow information disclosure, server-side request forgery SSRF or local script execution...
EulerOS 2.0 SP10 : httpd (EulerOS-SA-2024-2417)
According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Encoding problem in modproxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services,...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-2368)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
httpd: Security issues via backend applications whose response headers are malicious or exploitable
A flaw was found in httpd. Backend applications whose response headers are malicious or exploitable may allow information disclosure, server-side request forgery SSRF or local script execution...
httpd: Security issues via backend applications whose response headers are malicious or exploitable
A flaw was found in httpd. Backend applications whose response headers are malicious or exploitable may allow information disclosure, server-side request forgery SSRF or local script execution...
httpd: Security issues via backend applications whose response headers are malicious or exploitable
A flaw was found in httpd. Backend applications whose response headers are malicious or exploitable may allow information disclosure, server-side request forgery SSRF or local script execution...
httpd: Security issues via backend applications whose response headers are malicious or exploitable
A flaw was found in httpd. Backend applications whose response headers are malicious or exploitable may allow information disclosure, server-side request forgery SSRF or local script execution...
httpd: Security issues via backend applications whose response headers are malicious or exploitable
A flaw was found in httpd. Backend applications whose response headers are malicious or exploitable may allow information disclosure, server-side request forgery SSRF or local script execution...
httpd: Security issues via backend applications whose response headers are malicious or exploitable
A flaw was found in httpd. Backend applications whose response headers are malicious or exploitable may allow information disclosure, server-side request forgery SSRF or local script execution...
httpd: Security issues via backend applications whose response headers are malicious or exploitable
A flaw was found in httpd. Backend applications whose response headers are malicious or exploitable may allow information disclosure, server-side request forgery SSRF or local script execution...
httpd: Security issues via backend applications whose response headers are malicious or exploitable
A flaw was found in httpd. Backend applications whose response headers are malicious or exploitable may allow information disclosure, server-side request forgery SSRF or local script execution...
httpd: Security issues via backend applications whose response headers are malicious or exploitable
A flaw was found in httpd. Backend applications whose response headers are malicious or exploitable may allow information disclosure, server-side request forgery SSRF or local script execution...
Server Side Request Forgery (SSRF)
Apache HTTP Server 2.4.59 is vulnerable to SSRF. The vulnerability is due to a missing validation in response headers leading to information disclosure, SSRF or local script execution via backend applications which have malicious or exploitable header...
BIT-APACHE-2024-38476 Apache HTTP Server may use exploitable/malicious backend application output to run local handlers via internal redirect
Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable. Users are recommended to upgrade to version 2.4.60, which fixes this issue...
Internet Bug Bounty: important: Apache HTTP Server may use exploitable/malicious backend application output to run local handlers via internal redirect (CVE-2024-38476)
The Apache HTTP Server vulnerability CVE-2024-38476 was discovered in versions 2.4.0 through 2.4.59. The vulnerability allowed the use of exploitable or malicious backend application output to run local handlers via internal redirect. Users were recommended to upgrade to version 2.4.60, which fix...
CVE-2024-38476
A flaw was found in httpd. Backend applications whose response headers are malicious or exploitable may allow information disclosure, server-side request forgery SSRF or local script execution. Mitigation Red Hat has investigated whether a possible mitigation exists for this issue, and has not be...