5 matches found
Astra Linux – Vulnerability in Apache2
The Apache HTTP Server versions 2.4.6 to 2.4.46, with the modproxywstunnel module configured, were used to handle a URL request. The origin server did not necessarily upgrade this connection. As a result, subsequent requests using the same connection could be processed without any HTTP validation...
httpd: mod_proxy_wstunnel tunneling of non Upgraded connection
A flaw was found in Apache httpd. The modproxywstunnel module tunnels non-upgraded connections...
mod_proxy_wstunnel tunneling of non Upgraded connections
...
DEBIAN-CVE-2019-17567
Apache HTTP Server versions 2.4.6 to 2.4.46 modproxywstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for subsequent requests on the same connection to pass through with no HTTP validation, authenticati...
UBUNTU-CVE-2019-17567
Apache HTTP Server versions 2.4.6 to 2.4.46 modproxywstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for subsequent requests on the same connection to pass through with no HTTP validation, authenticati...