455 matches found
Mageia: Security Advisory (MGASA-2019-0109)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
httpd:2.4 security update
An update is available for httpd, modhttp2, modmd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd packages provide the Apache HTTP Server, a powerful,...
httpd:2.4 security update
httpd 2.4.37-43.1.0.1 - scoreboard: fix null pointer deference Orabug: 33690670CVE-2021-34798 - fix apescapequote logic Orabug: 33690686CVE-2021-39275 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracle's index page oracleindex.html. 2.4.37-43.1 - Resolves:...
httpd:2.4 security update
httpd 2.4.37-43.0.1 - Set vstring per ORACLESUPPORTPRODUCT Orabug: 29892262 - Replace index.html with Oracle's index page oracleindex.html. 2.4.37-43 - Related: 2007235 - CVE-2021-40438 httpd:2.4/httpd: modproxy: SSRF via a crafted request uri-path 2.4.37-42 - Resolves: 2007235 - CVE-2021-40438...
CentOS 8 : httpd:2.4 (CESA-2021:4537)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:4537 advisory. - httpd: Regression of CVE-2021-40438 and CVE-2021-26691 fixes in Red Hat Enterprise Linux 8.5 CVE-2021-20325 Note that Nessus has not tested for this issue but...
2.4 bug fix update
An update is available for httpd, modhttp2, modmd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd packages provide the Apache HTTP Server, a powerful,...
httpd:2.4 security update
An update is available for httpd, modhttp2, modmd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd packages provide the Apache HTTP Server, a powerful,...
httpd:2.4 security, bug fix, and enhancement update
An update is available for httpd, modhttp2, modmd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd packages provide the Apache HTTP Server, a powerful,...
httpd:2.4 security update
An update is available for httpd, modhttp2, modmd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd packages provide the Apache HTTP Server, a powerful,...
Debian DSA-4937-1 : apache2 - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-4937 advisory. - Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in modauthdigest. There is no report of this overflow...
Important: mod_http2
Issue Overview: A null pointer de-reference was found in the way httpd handled specially crafted HTTP/2 request. A remote attacker could use this flaw to crash the httpd child process, causing temporary denial of service. CVE-2021-31618 Affected Packages: modhttp2 Note: This advisory is applicabl...
Amazon Linux 2 : mod_http2 (ALAS-2021-1678)
The version of modhttp2 installed on the remote host is prior to 1.15.19-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2021-1678 advisory. A null pointer de-reference was found in the way httpd handled specially crafted HTTP/2 request. A remote attacker could use thi...
Amazon Linux 2 : httpd (ALAS-2021-1672)
The version of httpd installed on the remote host is prior to 2.4.46-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2021-1672 advisory. A null pointer de-reference was found in the way httpd handled specially crafted HTTP/2 request. A remote attacker could use this fl...
SUSE SLES15 Security Update : apache2 (SUSE-SU-2021:2004-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2004-1 advisory. - In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the modproxy error page. An...
[SECURITY] Fedora 34 Update: mod_http2-1.15.19-1.fc34
The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers...
Fedora: Security Advisory for mod_http2 (FEDORA-2021-181f29c392)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for mod_http2 (FEDORA-2021-051639aad4)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2021-31618
Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and HTTP response is sent to the client with a status code indicating...
DEBIAN-CVE-2021-31618
Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and HTTP response is sent to the client with a status code indicating...
CVE-2021-31618 NULL pointer dereference on specially crafted HTTP/2 request
Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and HTTP response is sent to the client with a status code indicating...