Http Server@2.2.18 Security Vulnerabilities and Issues — Http Server@2.2.18 CVE List

Lucene search

ApacheHttp Server2.2.18

3 matches found

CVE•added 2012/08/22 7:55 p.m.•1222 views

CVE-2012-2687

Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted f...

2.6CVSS5.5AI score0.05337EPSS

CVE•added 2012/11/30 7:55 p.m.•528 views

CVE-2012-4557

The mod_proxy_ajp module in the Apache HTTP Server 2.2.12 through 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows remote attackers to cause a denial of service (worker consumption) via an expensive request.

5CVSS6.2AI score0.29065EPSS

CVE•added 2012/01/28 4:5 a.m.•257 views

CVE-2012-0021

The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server 2.2.17 through 2.2.21, when a threaded MPM is used, does not properly handle a %{}C format string, which allows remote attackers to cause a denial of service (daemon crash) via a cookie that lacks bot...

2.6CVSS8.8AI score0.3296EPSS