MiracleLinux 9 : mod_http2-2.0.26-2.el9 (AXSA:2024-8097:03)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8097:03 advisory. modhttp2: httpd: CONTINUATION frames DoS CVE-2024-27316 Tenable has extracted the preceding description block directly from the MiracleLinux security advisor...

Huawei EulerOS: Security Advisory for mod_http2 (EulerOS-SA-2025-2588)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-43622 affecting package mod_http2 for versions less than 2.0.29-3

CVE-2023-43622 affecting package modhttp2 for versions less than 2.0.29-3. An upgraded version of the package is available that resolves this issue...

AlmaLinux 9 : mod_http2 (ALSA-2024:8680)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:8680 advisory. modhttp2: DoS by null pointer in websocket over HTTP/2 CVE-2024-36387 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AZL-45186 CVE-2023-25690 affecting package mod_http2 for versions less than 2.0.29-3

Some modproxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack. Configurations are affected when modproxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the...

Denial Of Service (DoS)

modhttp2 is vulnerable to denial of service DoS. The vulnerability exists through parsing of unneeded request bodies...