Lucene search
K
HttpdMost viewed

271 matches found

Apache Httpd
Apache Httpd
•added 2022/03/14 12:0 a.m.•1501 views

Apache Httpd < 2.4.53 : HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier

Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling...

9.8CVSS0.6AI score0.28189EPSS
Exploits0
Apache Httpd
Apache Httpd
•added 2022/06/08 12:0 a.m.•1091 views

Apache Httpd < 2.4.54 : mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism

Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded- headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application...

9.8CVSS1AI score0.0314EPSS
Exploits1
Apache Httpd
Apache Httpd
•added 2013/03/05 12:0 a.m.•647 views

Apache Httpd < 2.4.33 : Weak Digest auth nonce generation in mod_auth_digest

When generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed across servers by an attacker withou...

9.8CVSS1.7AI score0.15885EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2021/09/16 12:0 a.m.•585 views

Apache Httpd < 2.4.49 : ap_escape_quotes buffer overflow

apescapequotes may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier...

9.8CVSS2AI score0.36339EPSS
Exploits0
Apache Httpd
Apache Httpd
•added 2019/03/26 12:0 a.m.•486 views

Apache Httpd < 2.4.41 : mod_rewrite potential open redirect

Redirects configured with modrewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL...

6.1CVSS0.4AI score0.73981EPSS
Exploits1Affected Software1
Apache Httpd
Apache Httpd
•added 2022/03/14 12:0 a.m.•468 views

Apache Httpd < 2.4.53 : mod_sed: Read/write beyond bounds

Out-of-bounds Write vulnerability in modsed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. This issue affects Apache HTTP Server 2.4 version 2.4.52 and prior versions...

9.8CVSS4.2AI score0.50401EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2021/12/20 12:0 a.m.•435 views

Apache Httpd < 2.4.52 : Possible buffer overflow when parsing multipart content in mod_lua of Apache HTTP Server 2.4.51 and earlier

A carefully crafted request body can cause a buffer overflow in the modlua multipart parser r:parsebody called from Lua scripts. The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier...

9.8CVSS1.6AI score0.97108EPSS
Exploits4
Apache Httpd
Apache Httpd
•added 2021/03/01 12:0 a.m.•387 views

Apache Httpd < 2.4.48 : mod_session response handling heap overflow

Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted SessionHeader sent by an origin server could cause a heap overflow...

9.8CVSS9.2AI score0.68067EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2020/07/22 12:0 a.m.•385 views

Apache Httpd < 2.4.44 : mod_proxy_uwsgi buffer overflow

In Apache HTTP Server versions 2.4.32 to 2.4.43, modproxyuwsgi has a information disclosure and possible RCE...

9.8CVSS8.5AI score0.90039EPSS
Exploits2Affected Software1
Apache Httpd
Apache Httpd
•added 2021/09/16 12:0 a.m.•381 views

Apache Httpd < 2.4.49 : mod_proxy SSRF

A crafted request uri-path can cause modproxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier...

9CVSS1.5AI score0.99999EPSS
Exploits5
Apache Httpd
Apache Httpd
•added 2022/06/08 12:0 a.m.•272 views

Apache Httpd < 2.4.54 : Read beyond bounds in ap_strcmp_match()

Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in apstrcmpmatch when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use...

9.1CVSS0.6AI score0.05729EPSS
Exploits0
Apache Httpd
Apache Httpd
•added 2021/09/29 12:0 a.m.•263 views

Apache Httpd < 2.4.50 : Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49

A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default...

9.8CVSS1AI score0.99992EPSS
Exploits150
Apache Httpd
Apache Httpd
•added 2021/12/20 12:0 a.m.•262 views

Apache Httpd < 2.4.52 : Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier

A crafted URI sent to httpd configured as a forward proxy ProxyRequests on can cause a crash NULL pointer dereference or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint Server Side Request Forgery...

8.2CVSS0.4AI score0.82295EPSS
Exploits0
Apache Httpd
Apache Httpd
•added 2015/11/15 12:0 a.m.•258 views

Apache Httpd < 2.2.34 : mod_mime Buffer Overread

modmime can read one byte past the end of a buffer when sending a malicious Content-Type response header...

9.8CVSS0.5AI score0.39341EPSS
Exploits3Affected Software1
Apache Httpd
Apache Httpd
•added 2019/07/09 12:0 a.m.•251 views

Apache Httpd < 2.4.41 : Limited cross-site scripting in mod_proxy error page

A limited cross-site scripting issue was reported affecting the modproxy error page. An attacker could cause the link on the error page to be malfomed and instead point to a page of their choice. This would only be exploitable where a server was set up with proxying enabled but was misconfigured ...

6.1CVSS0.2AI score0.81466EPSS
Exploits4Affected Software1
Apache Httpd
Apache Httpd
•added 2017/11/24 12:0 a.m.•250 views

Apache Httpd < 2.4.33 : <FilesMatch> bypass with a trailing newline in the file name

The expression specified in could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are are externally blocked, but only by matching the trailing portion of the filename...

8.1CVSS0.6AI score0.86006EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2019/04/10 12:0 a.m.•238 views

Apache Httpd < 2.4.41 : mod_http2, DoS attack by exhausting h2 workers.

A malicious client could perform a DoS attack by flooding a connection with requests and basically never reading responses on the TCP connection. Depending on h2 worker dimensioning, it was possible to block those with relatively few connections...

7.8CVSS1.8AI score0.27004EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2016/02/10 12:0 a.m.•236 views

Apache Httpd < 2.4.25 : Apache HTTP Request Parsing Whitespace Defects

Apache HTTP Server, prior to release 2.4.25 and 2.2.32, accepted a broad pattern of unusual whitespace patterns from the user-agent, including bare CR, FF, VTAB in parsing the request line and request header lines, as well as HTAB in parsing the request line. Any bare CR present in request lines...

7.5CVSS7.7AI score0.13252EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2022/03/14 12:0 a.m.•221 views

Apache Httpd < 2.4.53 : core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody

If LimitXMLRequestBody is set to allow request bodies larger than 350MB defaults to 1M on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier...

9.1CVSS1.2AI score0.41861EPSS
Exploits0
Apache Httpd
Apache Httpd
•added 2022/06/08 12:0 a.m.•219 views

Apache Httpd < 2.4.54 : mod_proxy_ajp: Possible request smuggling

Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in modproxyajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.53 and prior versions...

7.5CVSS2.6AI score0.19008EPSS
Exploits1
Apache Httpd
Apache Httpd
•added 2022/06/08 12:0 a.m.•211 views

Apache Httpd < 2.4.54 : read beyond bounds in mod_isapi

Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to process requests with the modisapi module...

5.3CVSS0.8AI score0.03398EPSS
Exploits0
Apache Httpd
Apache Httpd
•added 2021/10/06 12:0 a.m.•211 views

Apache Httpd < 2.4.51 : Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)

It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default...

9.8CVSS2.2AI score0.99992EPSS
Exploits175
Apache Httpd
Apache Httpd
•added 2019/07/23 12:0 a.m.•207 views

Apache Httpd < 2.4.41 : CVE-2019-10097 mod_remoteip: Stack buffer overflow and NULL pointer dereference

When modremoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted proxy and not by untrusted HTTP clients...

7.2CVSS1.9AI score0.52873EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2018/10/08 12:0 a.m.•200 views

Apache Httpd < 2.4.38 : mod_session_cookie does not respect expiry time

In Apache HTTP Server 2.4 release 2.4.37 and prior, modsession checks the session expiry time before decoding the session. This causes session expiry time to be ignored for modsessioncookie sessions since the expiry time is loaded when the session is decoded...

7.5CVSS0.3AI score0.19994EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2019/12/05 12:0 a.m.•196 views

Apache Httpd < 2.4.42 : mod_rewrite CWE-601 open redirect

In Apache HTTP Server versions 2.4.0 to 2.4.41 some modrewrite configurations vulnerable to open redirect...

6.1CVSS7.2AI score0.56691EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2014/05/30 12:0 a.m.•184 views

Apache Httpd < 2.2.29 : mod_status buffer overflow

A race condition was found in modstatus. An attacker able to access a public server status page on a server using a threaded MPM could send a carefully crafted request which could lead to a heap buffer overflow. Note that it is not a default or recommended configuration to have a public accessibl...

6.8CVSS6.2AI score0.85744EPSS
Exploits4Affected Software1
Apache Httpd
Apache Httpd
•added 2015/11/15 12:0 a.m.•182 views

Apache Httpd < 2.4.26 : mod_mime Buffer Overread

modmime can read one byte past the end of a buffer when sending a malicious Content-Type response header...

9.8CVSS0.5AI score0.39341EPSS
Exploits3Affected Software1
Apache Httpd
Apache Httpd
•added 2016/12/05 12:0 a.m.•171 views

Apache Httpd < 2.4.26 : mod_ssl Null Pointer Dereference

modssl may dereference a NULL pointer when third-party modules call aphookprocessconnection during an HTTP request to an HTTPS port...

9.8CVSS0.6AI score0.19953EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2013/09/06 12:0 a.m.•170 views

Apache Httpd < 2.2.29 : HTTP Trailers processing bypass

HTTP trailers could be used to replace HTTP headers late during request processing, potentially undoing or otherwise confusing modules that examined or modified request headers earlier. This fix adds the "MergeTrailers" directive to restore legacy behavior...

5CVSS2.6AI score0.60205EPSS
Exploits2Affected Software1
Apache Httpd
Apache Httpd
•added 2017/02/06 12:0 a.m.•168 views

Apache Httpd < 2.4.26 : ap_get_basic_auth_pw() Authentication Bypass

Use of the apgetbasicauthpw by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed. Third-party module writers SHOULD use apgetbasicauthcomponents, available in 2.2.34 and 2.4.26, instead of apgetbasicauthpw. Modules which call the legacy...

9.8CVSS2AI score0.20231EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2022/03/14 12:0 a.m.•167 views

Apache Httpd < 2.4.53 : mod_lua Use of uninitialized value of in r:parsebody

A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier...

7.5CVSS2.1AI score0.69803EPSS
Exploits0
Apache Httpd
Apache Httpd
•added 2020/11/11 12:0 a.m.•167 views

Apache Httpd < 2.4.48 : mod_auth_digest possible stack overflow by one nul byte

Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in modauthdigest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make i...

7.3CVSS8.4AI score0.53191EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2019/02/22 12:0 a.m.•167 views

Apache Httpd < 2.4.39 : Apache HTTP Server privilege escalation from modules' scripts

In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads including scripts executed by an in-process scripting interpreter could execute arbitrary code with the privileges of the parent process usually roo...

7.8CVSS1.7AI score0.65005EPSS
Exploits8Affected Software1
Apache Httpd
Apache Httpd
•added 2022/06/08 12:0 a.m.•165 views

Apache Httpd < 2.4.54 : read beyond bounds via ap_rwrite()

The aprwrite function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using aprwrite or aprputs, such as with modluas r:puts function. Modules compiled and distributed separately from Apache HTTP Server that use t...

5.3CVSS1.4AI score0.04428EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2019/01/20 12:0 a.m.•165 views

Apache Httpd < 2.4.39 : Apache httpd URL normalization inconsistincy

When the path component of a request URL contains multiple consecutive slashes '/', directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing will implicitly collapse them...

5.3CVSS2.1AI score0.1786EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2021/02/08 12:0 a.m.•164 views

Apache Httpd < 2.4.48 : mod_session NULL pointer dereference

Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by modsession can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service...

7.5CVSS8.4AI score0.65067EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2020/01/03 12:0 a.m.•164 views

Apache Httpd < 2.4.42 : mod_proxy_ftp use of uninitialized value

in Apache HTTP Server versions 2.4.0 to 2.4.41, modproxyftp use of uninitialized value with malicious FTP backend...

5.3CVSS6.7AI score0.51951EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2022/06/08 12:0 a.m.•162 views

Apache Httpd < 2.4.54 : Denial of service in mod_lua r:parsebody

In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody0 may cause a denial of service due to no default limit on possible input size...

7.5CVSS1.6AI score0.05678EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2021/09/16 12:0 a.m.•162 views

Apache Httpd < 2.4.49 : NULL pointer dereference in httpd core

Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier...

7.5CVSS0.8AI score0.64509EPSS
Exploits0
Apache Httpd
Apache Httpd
•added 2022/06/08 12:0 a.m.•161 views

Apache Httpd < 2.4.54 : Information Disclosure in mod_lua with websockets

Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread that point past the end of the storage allocated for the buffer...

7.5CVSS0.7AI score0.04687EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2020/06/16 12:0 a.m.•161 views

Apache Httpd < 2.4.44 : Push Diary Crash on Specifically Crafted HTTP/2 Header

In Apache HTTP Server versions 2.4.20 to 2.4.43, when trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of modhttp2 above "info" will mitigate...

7.5CVSS8.6AI score0.58716EPSS
Exploits2Affected Software1
Apache Httpd
Apache Httpd
•added 2021/05/11 12:0 a.m.•154 views

Apache Httpd < 2.4.49 : Request splitting via HTTP/2 method injection and mod_proxy

A crafted method sent through HTTP/2 will bypass validation and be forwarded by modproxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48...

7.5CVSS1.3AI score0.46179EPSS
Exploits1
Apache Httpd
Apache Httpd
•added 2019/10/05 12:0 a.m.•153 views

Apache Httpd < 2.4.48 : mod_proxy_wstunnel tunneling of non Upgraded connections

Apache HTTP Server versions 2.4.6 to 2.4.46 modproxywstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for subsequent requests on the same connection to pass through with no HTTP validation, authenticati...

5.3CVSS7.6AI score0.60266EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2013/09/06 12:0 a.m.•151 views

Apache Httpd < 2.4.12 : HTTP Trailers processing bypass

HTTP trailers could be used to replace HTTP headers late during request processing, potentially undoing or otherwise confusing modules that examined or modified request headers earlier. This fix adds the "MergeTrailers" directive to restore legacy behavior...

5CVSS2.6AI score0.60205EPSS
Exploits2Affected Software1
Apache Httpd
Apache Httpd
•added 2019/01/29 12:0 a.m.•150 views

Apache Httpd < 2.4.39 : mod_auth_digest access control bypass

In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in modauthdigest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions...

7.5CVSS2AI score0.17666EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2021/01/26 12:0 a.m.•148 views

Apache Httpd < 2.4.48 : Improper Handling of Insufficient Privileges

Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users can stop httpd on Windows...

5.5CVSS4.1AI score0.11773EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2021/04/26 12:0 a.m.•145 views

Apache Httpd < 2.4.49 : mod_proxy_uwsgi out of bound read

A carefully crafted request uri-path can cause modproxyuwsgi to read above the allocated memory and crash DoS. This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 inclusive...

7.5CVSS1.7AI score0.62887EPSS
Exploits0
Apache Httpd
Apache Httpd
•added 2016/01/20 12:0 a.m.•144 views

Apache Httpd < 2.4.25 : Padding Oracle in Apache mod_session_crypto

Prior to Apache HTTP release 2.4.25, modsessioncrypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation AES256-CBC by default, hence no selectable or builtin authenticated encryption. This made it vulnerable to padding oracle attacks,...

7.5CVSS1.5AI score0.49024EPSS
Exploits4Affected Software1
Apache Httpd
Apache Httpd
•added 2017/06/28 12:0 a.m.•142 views

Apache Httpd < 2.4.27 : Uninitialized memory reflection in mod_auth_digest

The value placeholder in Proxy-Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments. by modauthdigest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior...

9.1CVSS3.1AI score0.5677EPSS
Exploits0Affected Software1
Apache Httpd
Apache Httpd
•added 2017/07/12 12:0 a.m.•141 views

Apache Httpd < 2.4.28 : Use-after-free when using <Limit > with an unrecognized method in .htaccess ("OptionsBleed")

When an unrecognized HTTP Method is given in an directive in an .htaccess file, and that .htaccess file is processed by the corresponding request, the global methods table is corrupted in the current worker process, resulting in erratic behaviour. This behavior may be avoided by listing all unusu...

7.5CVSS7.8AI score0.94999EPSS
Exploits9Affected Software1
Total number of security vulnerabilities271