Lucene search
K

24 matches found

Rockylinux
Rockylinux
added 2026/06/01 6:2 p.m.47 views

httpd:2.4 security update

An update is available for modhttp2, module.modmd, module.modhttp2, modmd, module.httpd, httpd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd package...

9.8CVSS6.3AI score0.04409EPSS
Exploits1
Rockylinux
Rockylinux
added 2026/05/30 6:3 p.m.56 views

httpd security update

An update is available for httpd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd packages provide the Apache HTTP Server, a powerful, efficient, and...

9.8CVSS6.3AI score0.01325EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/28 12:0 a.m.9 views

AlmaLinux 10 : httpd (ALSA-2026:21433)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:21433 advisory. httpd: modproxyajp: heap-based buffer over-read and memory disclosure in ajpparsedata CVE-2026-34059 httpd: modproxyajp: heap-based buffer over-read due...

9.8CVSS6.4AI score0.01325EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/05/27 9:13 p.m.42 views

Important: Red Hat Security Advisory: httpd security update

An update for httpd is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

9.8CVSS6.3AI score0.01325EPSS
Exploits0References6
OSV
OSV
added 2026/05/22 1:18 p.m.15 views

OESA-2026-2402 httpd security update

Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: A NULL pointer dereference in the modauthnsocache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child process in a caching forward proxy configuration. Users ar...

6.5CVSS5.8AI score0.00514EPSS
Exploits0References5
OSV
OSV
added 2026/05/22 1:18 p.m.6 views

OESA-2026-2400 httpd security update

Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: A NULL pointer dereference in the modauthnsocache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child process in a caching forward proxy configuration. Users ar...

6.5CVSS5.8AI score0.00514EPSS
Exploits0References5
OSV
OSV
added 2026/05/18 3:38 p.m.6 views

CLSA-2026-1779118679 Fix of 8 CVEs

SECURITY UPDATE: modproxyajp heap buffer over-read in ajpmsggetstring - debian/patches/CVE-2026-34032.patch: add buffer checks in modules/proxy/ajpmsg.c. - CVE-2026-34032 SECURITY UPDATE: AJP getter functions off-by-one out-of-bounds reads - debian/patches/CVE-2026-33857.patch: fix length checks ...

9.8CVSS5.9AI score0.01325EPSS
Exploits2References1
OSV
OSV
added 2026/05/13 7:0 a.m.13 views

MGASA-2026-0129 Updated apache packages fix security vulnerabilities

http2: double free and possible RCE on early reset. CVE-2026-23918 modrewrite elevation of privileges via apexpr. CVE-2026-24072 buffer overflow in modproxyajp via ajpmsgcheckheader. CVE-2026-28780 modmd unrestricted OCSP response. CVE-2026-29168 moddavlock indirect lock crash. CVE-2026-29169...

9.8CVSS6.1AI score0.4581EPSS
Exploits18References16
OSV
OSV
added 2026/05/11 9:15 a.m.8 views

CLSA-2026-1778490923 httpd: Fix of 9 CVEs

CVE-2026-33857: fix length checks in AJP msgget functions - CVE-2026-34032: fix ajpmsggetstring buffer checks - CVE-2026-34059: fix ajpparsedata message len check - CVE-2026-24072: use APEXPRFLAGRESTRICTED in htaccess - CVE-2026-29169: moddavlock: use the right davlockdiscovery - CVE-2026-33006:...

9.8CVSS5.9AI score0.01325EPSS
Exploits2References1
Debian CVE
Debian CVE
added 2026/05/04 2:41 p.m.6 views

CVE-2026-33007

A NULL pointer dereference in the modauthnsocache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child process in a caching forward proxy configuration. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

5.3CVSS5.8AI score0.00514EPSS
Exploits0
CVE
CVE
added 2026/05/04 2:41 p.m.156 views

CVE-2026-33007

CVE-2026-33007 affects the Apache HTTP Server mod_authn_socache, where a NULL pointer dereference in 2.4.66 and earlier allows an unauthenticated remote user to crash a child process within a caching forward proxy configuration. The issue is resolved by upgrading to version 2.4.67. Unclear if in-...

5.3CVSS5.8AI score0.00514EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/04 2:41 p.m.113 views

CVE-2026-33007 Apache HTTP Server: mod_authn_socache crash

A NULL pointer dereference in the modauthnsocache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child process in a caching forward proxy configuration. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

0.00514EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/04 12:0 a.m.8 views

PT-2026-36814

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions prior to 2.4.67 Description A NULL pointer dereference in the mod authn socache module allows an unauthenticated remote user to crash a child process when a caching forward proxy configuration is used. A NULL pointe...

9.8CVSS5.8AI score0.99957EPSS
Exploits3References179
SUSE CVE
SUSE CVE
added 2023/02/15 4:34 a.m.3 views

SUSE CVE-2018-1303

A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of modcachesocache. The vulnerability is considere...

7.5CVSS8.8AI score0.70783EPSS
Exploits0References8
VulnCheck KEV
VulnCheck KEV
added 2022/02/22 12:0 a.m.5 views

VulnCheck KEV: CVE-2018-1303

A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of modcachesocache. The vulnerability is...

7.5CVSS7.1AI score0.70783EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2020/09/29 7:26 p.m.4 views

httpd: Out of bounds read in mod_cache_socache can allow a remote attacker to cause DoS

A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of modcachesocache. The vulnerability is considere...

7.5CVSS7.2AI score0.70783EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2019/12/03 12:0 a.m.3 views

The vulnerability of the mod_cache_socache module in the Apache HTTP Server, related to reading data beyond the buffer’s acceptable limit, allows attackers to cause service failures.

The vulnerability of the modcachesocache module in the Apache HTTP Server relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

5.3CVSS7.5AI score0.70783EPSS
Exploits0References16Affected Software5
RedHat Linux
RedHat Linux
added 2019/02/18 4:58 p.m.6 views

httpd: Out of bounds read in mod_cache_socache can allow a remote attacker to cause DoS

A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of modcachesocache. The vulnerability is considere...

7.5CVSS7.2AI score0.70783EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2019/02/18 4:55 p.m.6 views

httpd: Out of bounds read in mod_cache_socache can allow a remote attacker to cause DoS

A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of modcachesocache. The vulnerability is considere...

7.5CVSS7.2AI score0.70783EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/11/13 8:36 a.m.7 views

httpd: Out of bounds read in mod_cache_socache can allow a remote attacker to cause DoS

A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of modcachesocache. The vulnerability is considere...

7.5CVSS7.2AI score0.70783EPSS
Exploits0References4
Rows per page
Query Builder