VuXML ID | Description |
8e6f684b-f333-11ee-a573-84a93843eb75 | Apache httpd -- multiple vulnerabilities
The Apache httpd project reports:
HTTP/2 DoS by memory exhaustion on endless continuation frames
HTTP Response Splitting in multiple modules
Discovery 2024-04-04 Entry 2024-04-05 apache24
< 2.4.59
mod_http2
< 2.0.27
CVE-2024-27316
CVE-2024-24795
CVE-2024-38709
https://downloads.apache.org/httpd/CHANGES_2.4.59
|
b360b120-74b1-11ea-a84a-4c72b94353b5 | Apache -- Multiple vulnerabilities
Apache Team reports:
SECURITY: CVE-2020-1934
mod_proxy_ftp: Use of uninitialized value with malicious backend FTP
server.
SECURITY: CVE-2020-1927
rewrite, core: Set PCRE_DOTALL flag by default to avoid unpredictable
matches and substitutions with encoded line break characters.
The fix for CVE-2019-10098 was not effective.
Discovery 2020-04-01 Entry 2020-04-02 apache24
< 2.4.43
https://downloads.apache.org/httpd/CHANGES_2.4.43
CVE-2020-1934
CVE-2020-1927
|
00919005-96a3-11ed-86e9-d4c9ef517024 | Apache httpd -- Multiple vulnerabilities
The Apache httpd project reports:
mod_dav out of bounds read, or write of zero byte (CVE-2006-20001)
(moderate)
mod_proxy_ajp Possible request smuggling (CVE-2022-36760) (moderate)
mod_proxy prior to 2.4.55 allows a backend to trigger HTTP response
splitting (CVE-2022-37436) (moderate)
Discovery 2023-01-17 Entry 2023-01-17 apache24
< 2.4.55
CVE-2022-37436
CVE-2022-36760
CVE-2006-20001
https://downloads.apache.org/httpd/CHANGES_2.4.55
|
cce76eca-ca16-11eb-9b84-d4c9ef517024 | Apache httpd -- Multiple vulnerabilities
The Apache httpd reports:
- moderate: mod_proxy_wstunnel tunneling of non Upgraded
connections (CVE-2019-17567)
- moderate: Improper Handling of Insufficient Privileges
(CVE-2020-13938)
- low: mod_proxy_http NULL pointer dereference
(CVE-2020-13950)
- low: mod_auth_digest possible stack overflow by one nul byte
(CVE-2020-35452)
- low: mod_session NULL pointer dereference (CVE-2021-26690)
- low: mod_session response handling heap overflow (CVE-2021-26691)
- moderate: Unexpected URL matching with 'MergeSlashes OFF'
(CVE-2021-30641)
- important: NULL pointer dereference on specially crafted HTTP/2
request (CVE-2021-31618)
Discovery 2021-06-09 Entry 2021-06-10 apache24
< 2.4.48
CVE-2019-17567
CVE-2020-13938
CVE-2020-13950
CVE-2020-35452
CVE-2021-26690
CVE-2021-26691
CVE-2021-30641
CVE-2021-31618
https://httpd.apache.org/security/vulnerabilities_24.html
|
ca982e2d-61a9-11ec-8be6-d4c9ef517024 | Apache httpd -- Multiple vulnerabilities
The Apache httpd project reports:
moderate: Possible NULL dereference or SSRF in forward proxy
configurations in Apache HTTP Server 2.4.51 and earlier (CVE-2021-44224)
A crafted URI sent to httpd configured as a forward proxy
(ProxyRequests on) can cause a crash (NULL pointer dereference) or, for
configurations mixing forward and reverse proxy declarations, can allow
for requests to be directed to a declared Unix Domain Socket endpoint
(Server Side Request Forgery).
high: Possible buffer overflow when parsing multipart content in
mod_lua of Apache HTTP Server 2.4.51 and earlier (CVE-2021-44790) A
carefully crafted request body can cause a buffer overflow in the
mod_lua multipart parser (r:parsebody() called from Lua scripts).
Discovery 2021-12-20 Entry 2021-12-20 apache24
< 2.4.52
CVE-2021-44224
CVE-2021-44790
https://httpd.apache.org/security/vulnerabilities_24.html
|
f923205f-6e66-11ee-85eb-84a93843eb75 | Apache httpd -- Multiple vulnerabilities
The Apache httpd project reports:
- CVE-2023-45802: Apache HTTP Server: HTTP/2 stream
memory not reclaimed right away on RST
- CVE-2023-43622: Apache HTTP Server: DoS in HTTP/2 with
initial windows size 0
- CVE-2023-31122: mod_macro buffer over-read
Discovery 2023-10-19 Entry 2023-10-19 apache24
< 2.4.58
CVE-2023-45802
CVE-2023-43622
CVE-2023-31122
https://dlcdn.apache.org/httpd/CHANGES_2.4.58
|
882a38f9-17dd-11ec-b335-d4c9ef517024 | Apache httpd -- multiple vulnerabilities
The Apache project reports:
- moderate: Request splitting via HTTP/2 method injection and
mod_proxy (CVE-2021-33193)
- moderate: NULL pointer dereference in httpd core
(CVE-2021-34798)
- moderate: mod_proxy_uwsgi out of bound read (CVE-2021-36160)
- low: ap_escape_quotes buffer overflow (CVE-2021-39275)
- high: mod_proxy SSRF (CVE-2021-40438)
Discovery 2021-09-16 Entry 2021-09-17 Modified 2021-09-28 apache24
< 2.4.49
CVE-2021-33193
CVE-2021-34798
CVE-2021-36160
CVE-2021-39275
CVE-2021-40438
http://httpd.apache.org/security/vulnerabilities_24.html
|
49adfbe5-e7d1-11ec-8fbd-d4c9ef517024 | Apache httpd -- Multiple vulnerabilities
The Apache httpd project reports:
- CVE-2022-31813: mod_proxy X-Forwarded-For dropped by hop-by-hop
mechanism. Apache HTTP Server 2.4.53 and earlier may not send the
X-Forwarded-* headers to the origin server based on client side
Connection header hop-by-hop mechanism. This may be used to bypass
IP based authentication on the origin server/application.
- CVE-2022-30556: Information Disclosure in mod_lua with websockets.
Apache HTTP Server 2.4.53 and earlier may return lengths to
applications calling r:wsread() that point past the end of the
storage allocated for the buffer.
- CVE-2022-30522: mod_sed denial of service. If Apache HTTP Server
2.4.53 is configured to do transformations with mod_sed in contexts
where the input to mod_sed may be very large, mod_sed may make
excessively large memory allocations and trigger an abort.
- CVE-2022-29404: Denial of service in mod_lua r:parsebody. In Apache
HTTP Server 2.4.53 and earlier, a malicious request to a lua script
that calls r:parsebody(0) may cause a denial of service due to no
default limit on possible input size.
- CVE-2022-28615: Read beyond bounds in ap_strcmp_match(). Apache
HTTP Server 2.4.53 and earlier may crash or disclose information due
to a read beyond bounds in ap_strcmp_match() when provided with an
extremely large input buffer. While no code distributed with the
server can be coerced into such a call, third-party modules or lua
scripts that use ap_strcmp_match() may hypothetically be affected.
- CVE-2022-28614: read beyond bounds via ap_rwrite(). The ap_rwrite()
function in Apache HTTP Server 2.4.53 and earlier may read unintended
memory if an attacker can cause the server to reflect very large
input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts()
function.
- CVE-2022-28330: read beyond bounds in mod_isapi. Apache HTTP Server
2.4.53 and earlier on Windows may read beyond bounds when configured
to process requests with the mod_isapi module.
- CVE-2022-26377: mod_proxy_ajp: Possible request smuggling.
Inconsistent Interpretation of HTTP Requests ('HTTP Request
Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server
allows an attacker to smuggle requests to the AJP server it forwards
requests to.
Discovery 2022-06-08 Entry 2022-06-09 Modified 2022-06-10 apache24
< 2.4.54
CVE-2022-31813
CVE-2022-30556
CVE-2022-30522
CVE-2022-29404
CVE-2022-28615
CVE-2022-28614
CVE-2022-28330
CVE-2022-26377
http://downloads.apache.org/httpd/CHANGES_2.4.54
|
76700d2f-d959-11ea-b53c-d4c9ef517024 | Apache httpd -- Multiple vulnerabilities
The Apache httpd projec reports:
- mod_http2: Important: Push Diary Crash on Specifically
Crafted HTTP/2 Header (CVE-2020-9490)
A specially crafted value for the 'Cache-Digest' header in a HTTP/2
request would result in a crash when the server actually tries to
HTTP/2 PUSH a resource afterwards.
- mod_proxy_uwsgi: Moderate: mod_proxy_uwsgi buffer overflow
(CVE-2020-11984)
info disclosure and possible RCE
- mod_http2: Moderate: Push Diary Crash on Specifically Crafted
HTTP/2 Header (CVE-2020-11993)
When trace/debug was enabled for the HTTP/2 module and on certain
traffic edge patterns, logging statements were made on the wrong
connection, causing concurrent use of memory pools.
Discovery 2020-08-07 Entry 2020-08-08 Modified 2020-08-08 apache24
< 2.4.46
mod_http2
< 1.15.14
https://downloads.apache.org/httpd/CHANGES_2.4.46
https://httpd.apache.org/security/vulnerabilities_24.html
CVE-2020-9490
CVE-2020-11984
CVE-2020-11993
|
6601c08d-a46c-11ec-8be6-d4c9ef517024 | Apache httpd -- Multiple vulnerabilities
The Apache httpd project reports:
mod_lua: Use of uninitialized value of in r:parsebody (moderate)
(CVE-2022-22719) A carefully crafted request body can cause a
read to a random memory area which could cause the process to crash.
HTTP request smuggling vulnerability (important) (CVE-2022-22720)
httpd fails to close inbound connection when errors are
encountered discarding the request body, exposing the server to HTTP
Request Smuggling
core: Possible buffer overflow with very large or unlimited
LimitXMLRequestBody (low) (CVE-2022-22721) If LimitXMLRequestBody
is set to allow request bodies larger than 350MB (defaults to 1M) on 32
bit systems an integer overflow happens which later causes out of
bounds writes.
mod_sed: Read/write beyond bounds (important) (CVE-2022-23924)
Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server
allows an attacker to overwrite heap memory with possibly attacker
provided data.
Discovery 2022-03-14 Entry 2022-03-15 apache24
< 2.4.53
CVE-2022-22719
CVE-2022-22720
CVE-2022-22721
CVE-2022-23943
https://httpd.apache.org/security/vulnerabilities_24.html
|
8edeb3c1-bfe7-11ed-96f5-3497f65b111b | Apache httpd -- Multiple vulnerabilities
The Apache httpd project reports:
- CVE-2023-27522: Apache HTTP Server: mod_proxy_uwsgi
HTTP response splitting (cve.mitre.org).
HTTP Response Smuggling vulnerability in Apache HTTP Server
via mod_proxy_uwsgi. This issue affects Apache HTTP Server:
from 2.4.30 through 2.4.55.
Special characters in the origin response header can
truncate/split the response forwarded to the client.
- CVE-2023-25690: HTTP request splitting with mod_rewrite
and mod_proxy (cve.mitre.org).
Some mod_proxy configurations on Apache HTTP Server versions
2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack.
Configurations are affected when mod_proxy is enabled along
with some form of RewriteRule or ProxyPassMatch in which a
non-specific pattern matches some portion of the user-supplied
request-target (URL) data and is then re-inserted into the
proxied request-target using variable substitution.
Discovery 2023-03-08 Entry 2023-03-11 apache24
< 2.4.56
CVE-2023-25690
CVE-2023-27522
https://downloads.apache.org/httpd/CHANGES_2.4.56
|