15 matches found
JLSEC-2026-160
A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service...
AZL-31610 CVE-2023-43622 affecting package httpd for versions less than 2.4.58-1
An attacker, opening an HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well-known "slow loris" attack pattern. This has been fixed in...
Apache HTTP Server 2.4.55 - 2.4.57 DoS Vulnerability - Linux
Apache HTTP Server is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Apache HTTP Server 2.4.30 - 2.4.55 HTTP Request Smuggling Vulnerability - Linux
Apache HTTP Server is prone to an HTTP request smuggling vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2023-27522
HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55. Special characters in the origin response header can truncate/split the response forwarded to the client...
CVE-2023-25690
Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow an HTTP Request Smuggling attack. Configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the...
Apache HTTP Server Environmental Issue Vulnerability
Apache HTTP Server is an open source web server from the Apache Foundation (United States). The server is fast, reliable, and extensible via a simple API. An environmental issue vulnerability exists in Apache HTTP Server versions 2.4.30 through 2.4.55, which stems from the discovery of an HTT...
[R1] Stand-alone Security Patch Available for Tenable.sc versions 5.22.0 to 6.0.0: SC-202302.2
Arnie Cabral, Tue, 02/21/2023 - 11:42. Tenable.sc leverages third-party software to help provide underlying functionality. One of the third-party components in use (Apache) was found to contain vulnerabilitie...
SUSE CVE-2020-25692
A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service...
CVE-2022-36760 affecting package httpd for versions less than 2.4.55-1
CVE-2022-36760 affecting package httpd for versions less than 2.4.55-1. An upgraded version of the package is available that resolves this issue...
CVE-2022-37436 affecting package httpd for versions less than 2.4.55-1
CVE-2022-37436 affecting package httpd for versions less than 2.4.55-1. An upgraded version of the package is available that resolves this issue...
Apache HTTP Server: mod_proxy prior to 2.4.55 allows a backend to trigger HTTP response splitting
...
OpenLDAP < 2.4.55 DoS Vulnerability
OpenLDAP is prone to a denial of service (DoS) vulnerability. Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
Null pointer dereference
A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service...
PT-2020-5834 · Openldap +5
Name of the Vulnerable Software and Affected Versions: OpenLDAP versions prior to 2.4.55 Description: The issue is related to a NULL pointer dereference in the OpenLDAP server, specifically during a request for renaming RDNs. This can be exploited by an unauthenticated attacker to remotely crash...