Lucene search
K

9 matches found

OSV
OSV
added 2024/03/06 10:54 a.m.179 views

BIT-APACHE-2021-44790 Possible buffer overflow when parsing multipart content in mod_lua of Apache HTTP Server 2.4.51 and earlier

A carefully crafted request body can cause a buffer overflow in the modlua multipart parser r:parsebody called from Lua scripts. The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier...

9.8CVSS9.3AI score0.97108EPSS
Exploits4References21
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.42 views

Rocky Linux 8 : httpd:2.4 (RLSA-2022:0258)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:0258 advisory. - A carefully crafted request body can cause a buffer overflow in the modlua multipart parser r:parsebody called from Lua scripts. The Apache httpd team is not...

9.8CVSS8.6AI score0.97108EPSS
Exploits4References3
OpenVAS
OpenVAS
added 2022/03/29 12:0 a.m.29 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-1349)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.5AI score0.97108EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2022/03/21 12:0 a.m.88 views

EulerOS 2.0 SP5 : httpd (EulerOS-SA-2022-1326)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A carefully crafted request body can cause a buffer overflow in the modlua multipart parser r:parsebody called from Lua scripts. The Apache httpd...

9.8CVSS8.6AI score0.97108EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2022/03/02 12:0 a.m.64 views

EulerOS 2.0 SP9 : httpd (EulerOS-SA-2022-1290)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A crafted URI sent to httpd configured as a forward proxy ProxyRequests on can cause a crash NULL pointer dereference or, for configurations mixi...

9.8CVSS8.2AI score0.97108EPSS
Exploits4References3
OpenVAS
OpenVAS
added 2022/03/02 12:0 a.m.22 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-1306)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.5AI score0.97108EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2022/01/18 12:0 a.m.67 views

Oracle Linux 7 : httpd (ELSA-2022-0143)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-0143 advisory. - modsession: save one aprstrtok Orabug: 33338149CVE-2021-26690 - Resolves: 2031072 - CVE-2021-34798 httpd: NULL pointer dereference via malformed...

9.8CVSS8.1AI score0.97108EPSS
Exploits4References5
Tenable Nessus
Tenable Nessus
added 2022/01/13 12:0 a.m.37 views

SUSE SLES12: apache2 / apache2-doc / apache2-example-pages / apache2-prefork / etc (SUSE-SU-2022:0065-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0065-1 advisory. - CVE-2021-44224: Fixed NULL dereference or SSRF in forward proxy configurations. bsc1193943 - CVE-2021-44790: Fixed buffer overflo...

9.8CVSS7.5AI score0.97108EPSS
Exploits4References7
OSV
OSV
added 2021/12/28 1:11 p.m.5 views

CLSA-2021-1640697114 Fix CVE(s): CVE-2021-44224, CVE-2021-44970

SECURITY UPDATE: buffer overflow in the modlua multipart parser - debian/patches/CVE-2021-44970.patch: add test to prevent integer overflow in reqparsebody - CVE-2021-44970 SECURITY UPDATE: null pointer dereference in reverse proxy module - debian/patches/CVE-2021-44224.patch: add tests for retur...

8.2CVSS7.1AI score0.82295EPSS
Exploits1References1
Rows per page
Query Builder