2 matches found
CLSA-2025-1752126532 httpd: Fix of 2 CVEs
CVE-2014-8109: modlua: fix LuaAuthzProvider argument handling issue - CVE-2019-10092: modproxy: fix limited cross-site scripting in modproxy error page...
Amazon Linux AMI : httpd24 (ALAS-2015-483)
modlua.c in the modlua module in the Apache HTTP Server 2.3.x and 2.4.x through 2.4.10 does not support an httpd configuration in which the same Lua authorization provider is used with different arguments within different contexts, which allows remote attackers to bypass intended access...