Astra Linux - уязвимость в apache2

A carefully crafted request URI-path can cause modproxyuwsgi to exceed the allocated memory and crash DoS. This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 inclusive...

MiracleLinux 8 : httpd:2.4 (AXSA:2021-2273:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2273:01 advisory. httpd: modsessioncookie does not respect expiry time CVE-2018-17199 httpd: modproxyuwsgi buffer overflow CVE-2020-11984 httpd: modhttp2 concurrent...

MiracleLinux 8 : httpd:2.4 (AXSA:2023-6424:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6424:01 advisory. httpd: modproxyuwsgi HTTP response splitting CVE-2023-27522 Tenable has extracted the preceding description block directly from the MiracleLinux security...

EUVD-2021-22784

Malware in sbrugna...

Important: httpd24

Issue Overview: Apache HTTP server 2.4.32 to 2.4.44 modproxyuwsgi info disclosure and possible RCE CVE-2020-11984 Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to...

Moderate: Red Hat Security Advisory: httpd security update

An update for httpd is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

RHEL 9 : httpd (RHSA-2024:4504)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4504 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modproxyuwsgi HTTP respon...

RHEL 7 : httpd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - httpd: modproxy: X-Forwarded-For dropped by hop-by-hop mechanism CVE-2022-31813 - Apache HTTP Server...

BIT-APACHE-2020-11984

Apache HTTP server 2.4.32 to 2.4.44 modproxyuwsgi info disclosure and possible RCE...

BIT-APACHE-2021-36160 mod_proxy_uwsgi out of bound read

A carefully crafted request uri-path can cause modproxyuwsgi to read above the allocated memory and crash DoS. This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 inclusive...

BIT-APACHE-2023-27522 Apache HTTP Server: mod_proxy_uwsgi HTTP response splitting

HTTP Response Smuggling vulnerability in Apache HTTP Server via modproxyuwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55. Special characters in the origin response header can truncate/split the response forwarded to the client...

Oracle Linux 9 : httpd / and / mod_http2 (ELSA-2023-6403)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-6403 advisory. - Resolves: 2177753 - CVE-2023-25690 httpd: HTTP request splitting with modrewrite and modproxy modhttp2 Tenable has extracted the preceding description block...

Moderate: Red Hat Security Advisory: httpd and mod_http2 security, bug fix, and enhancement update

An update for httpd and modhttp2 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

RHEL 9 : httpd and mod_http2 (RHSA-2023:6403)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:6403 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. The following packages have been upgraded to a...

Rocky Linux 8 : httpd:2.4 (RLSA-2022:1915)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:1915 advisory. - Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in modauthdigest. There is no report of this...

Rocky Linux 8 : httpd:2.4 (RLSA-2021:1809)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:1809 advisory. - In Apache HTTP Server 2.4 release 2.4.37 and prior, modsession checks the session expiry time before decoding the session. This causes session expiry...

Ubuntu 16.04 ESM : uWSGI vulnerability (USN-5054-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5054-2 advisory. USN-5054-1 fixed a vulnerability in uWSGI for Ubuntu 18.04 LTS. This update provides the corresponding fixes for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable ha...

httpd:2.4 security update

An update is available for httpd, modmd, modhttp2, module.modmd, module.modhttp2, module.httpd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd package...

RLSA-2023:5050 Moderate: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modproxyuwsgi HTTP response splitting CVE-2023-27522 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

Rocky Linux 8 : httpd:2.4 (RLSA-2023:5050)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:5050 advisory. - HTTP Response Smuggling vulnerability in Apache HTTP Server via modproxyuwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55. Special...