12 matches found
EUVD-2020-12745
Malicious code in bioql PyPI...
BIT-APACHE-2020-1927
In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with modrewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL...
CentOS 8 : httpd:2.4 (CESA-2021:4257)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:4257 advisory. - httpd: modsession: NULL pointer dereference when parsing Cookie header CVE-2021-26690 - httpd: Unexpected URL matching with 'MergeSlashes OFF'...
Moderate: Red Hat Security Advisory: httpd:2.4 security, bug fix, and enhancement update
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
ALSA-2021:4257 Moderate: httpd:2.4 security, bug fix, and enhancement update
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modsession: NULL pointer dereference when parsing Cookie header CVE-2021-26690 httpd: Unexpected URL matching with 'MergeSlashes OFF' CVE-2021-30641 For more details about t...
Moderate: httpd:2.4 security, bug fix, and enhancement update
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modsession: NULL pointer dereference when parsing Cookie header CVE-2021-26690 httpd: Unexpected URL matching with 'MergeSlashes OFF' CVE-2021-30641 For more details about t...
FreeBSD : Apache httpd -- Multiple vulnerabilities (cce76eca-ca16-11eb-9b84-d4c9ef517024)
The Apache httpd reports : - moderate: modproxywstunnel tunneling of non Upgraded connections CVE-2019-17567 - moderate: Improper Handling of Insufficient Privileges CVE-2020-13938 - low: modproxyhttp NULL pointer dereference CVE-2020-13950 - low: modauthdigest possible stack overflow by one nul...
CVE-2021-30641 Unexpected URL matching with 'MergeSlashes OFF'
Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'...
Apache HTTP Server 2.4.39 - 2.4.46 Unexpected URL Matching Vulnerability - Windows
Apache HTTP Server is prone to an unexpected URL matching vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
Apache HTTP Server 2.4.39 - 2.4.46 Unexpected URL Matching Vulnerability - Linux
Apache HTTP Server is prone to an unexpected URL matching vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2020-1601)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
UBUNTU-CVE-2019-10098
In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with modrewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an unexpected URL within the request URL...