Search
Total
282 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-7679 | 1 Apache | 1 Http Server | 2021-06-06 | 7.5 HIGH | 9.8 CRITICAL |
| In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header. | |||||
| CVE-2017-3167 | 6 Apache, Apple, Debian and 3 more | 15 Http Server, Mac Os X, Debian Linux and 12 more | 2021-06-06 | 7.5 HIGH | 9.8 CRITICAL |
| In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed. | |||||
| CVE-2016-4979 | 1 Apache | 1 Http Server | 2021-06-06 | 5.0 MEDIUM | 7.5 HIGH |
| The Apache HTTP Server 2.4.18 through 2.4.20, when mod_http2 and mod_ssl are enabled, does not properly recognize the "SSLVerifyClient require" directive for HTTP/2 request authorization, which allows remote attackers to bypass intended access restrictions by leveraging the ability to send multiple requests over a single connection and aborting a renegotiation. | |||||
| CVE-2016-1546 | 1 Apache | 1 Http Server | 2021-06-06 | 4.3 MEDIUM | 5.9 MEDIUM |
| The Apache HTTP Server 2.4.17 and 2.4.18, when mod_http2 is enabled, does not limit the number of simultaneous stream workers for a single HTTP/2 connection, which allows remote attackers to cause a denial of service (stream-processing outage) via modified flow-control windows. | |||||
| CVE-2015-3185 | 3 Apache, Apple, Canonical | 5 Http Server, Mac Os X, Mac Os X Server and 2 more | 2021-06-06 | 4.3 MEDIUM | N/A |
| The ap_some_auth_required function in server/request.c in the Apache HTTP Server 2.4.x before 2.4.14 does not consider that a Require directive may be associated with an authorization setting rather than an authentication setting, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging the presence of a module that relies on the 2.2 API behavior. | |||||
| CVE-2014-8109 | 2 Apache, Canonical | 2 Http Server, Ubuntu Linux | 2021-06-06 | 4.3 MEDIUM | N/A |
| mod_lua.c in the mod_lua module in the Apache HTTP Server 2.3.x and 2.4.x through 2.4.10 does not support an httpd configuration in which the same Lua authorization provider is used with different arguments within different contexts, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging multiple Require directives, as demonstrated by a configuration that specifies authorization for one group to access a certain directory, and authorization for a second group to access a second directory. | |||||
| CVE-2013-4352 | 1 Apache | 1 Http Server | 2021-06-06 | 4.3 MEDIUM | N/A |
| The cache_invalidate function in modules/cache/cache_storage.c in the mod_cache module in the Apache HTTP Server 2.4.6, when a caching forward proxy is enabled, allows remote HTTP servers to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger a missing hostname value. | |||||
| CVE-2013-5704 | 1 Apache | 1 Http Server | 2021-06-06 | 5.0 MEDIUM | N/A |
| The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such." | |||||
| CVE-2013-6438 | 1 Apache | 1 Http Server | 2021-06-06 | 5.0 MEDIUM | N/A |
| The dav_xml_get_cdata function in main/util.c in the mod_dav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service (daemon crash) via a crafted DAV WRITE request. | |||||
| CVE-2012-3502 | 1 Apache | 1 Http Server | 2021-06-06 | 4.3 MEDIUM | N/A |
| The proxy functionality in (1) mod_proxy_ajp.c in the mod_proxy_ajp module and (2) mod_proxy_http.c in the mod_proxy_http module in the Apache HTTP Server 2.4.x before 2.4.3 does not properly determine the situations that require closing a back-end connection, which allows remote attackers to obtain sensitive information in opportunistic circumstances by reading a response that was intended for a different client. | |||||
| CVE-2012-0883 | 1 Apache | 1 Http Server | 2021-06-06 | 6.9 MEDIUM | N/A |
| envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl. | |||||
| CVE-2003-0016 | 1 Apache | 1 Http Server | 2021-06-06 | 7.5 HIGH | N/A |
| Apache before 2.0.44, when running on unpatched Windows 9x and Me operating systems, allows remote attackers to cause a denial of service or execute arbitrary code via an HTTP request containing MS-DOS device names. | |||||
| CVE-2003-0020 | 1 Apache | 1 Http Server | 2021-06-06 | 5.0 MEDIUM | N/A |
| Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences. | |||||
| CVE-2020-9490 | 1 Apache | 1 Http Server | 2021-06-06 | 5.0 MEDIUM | 7.5 HIGH |
| Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via "H2Push off" will mitigate this vulnerability for unpatched servers. | |||||
| CVE-2020-11993 | 7 Apache, Canonical, Debian and 4 more | 13 Http Server, Ubuntu Linux, Debian Linux and 10 more | 2021-06-06 | 4.3 MEDIUM | 7.5 HIGH |
| Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of mod_http2 above "info" will mitigate this vulnerability for unpatched servers. | |||||
| CVE-2020-11984 | 7 Apache, Canonical, Debian and 4 more | 13 Http Server, Ubuntu Linux, Debian Linux and 10 more | 2021-06-06 | 7.5 HIGH | 9.8 CRITICAL |
| Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE | |||||
| CVE-2019-10081 | 2 Apache, Debian | 2 Http Server, Debian Linux | 2021-06-06 | 5.0 MEDIUM | 7.5 HIGH |
| HTTP/2 (2.4.20 through 2.4.39) very early pushes, for example configured with "H2PushResource", could lead to an overwrite of memory in the pushing request's pool, leading to crashes. The memory copied is that of the configured push link header values, not data supplied by the client. | |||||
| CVE-2011-4317 | 1 Apache | 1 Http Server | 2021-06-06 | 4.3 MEDIUM | N/A |
| The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an @ (at sign) character and a : (colon) character in invalid positions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368. | |||||
| CVE-2019-0197 | 1 Apache | 1 Http Server | 2021-06-06 | 4.9 MEDIUM | 4.2 MEDIUM |
| A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. Server that never enabled the h2 protocol or that only enabled it for https: and did not set "H2Upgrade on" are unaffected by this issue. | |||||
| CVE-2019-0211 | 5 Apache, Canonical, Debian and 2 more | 5 Http Server, Ubuntu Linux, Debian Linux and 2 more | 2021-06-06 | 7.2 HIGH | 7.8 HIGH |
| In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected. | |||||
| CVE-2019-0217 | 8 Apache, Canonical, Debian and 5 more | 14 Http Server, Ubuntu Linux, Debian Linux and 11 more | 2021-06-06 | 6.0 MEDIUM | 7.5 HIGH |
| In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions. | |||||
| CVE-2018-17199 | 5 Apache, Canonical, Debian and 2 more | 6 Http Server, Ubuntu Linux, Debian Linux and 3 more | 2021-06-06 | 5.0 MEDIUM | 7.5 HIGH |
| In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded. | |||||
| CVE-2018-11763 | 5 Apache, Canonical, Netapp and 2 more | 9 Http Server, Ubuntu Linux, Storage Automation Store and 6 more | 2021-06-06 | 4.3 MEDIUM | 5.9 MEDIUM |
| In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol. | |||||
| CVE-2018-8011 | 2 Apache, Netapp | 2 Http Server, Cloud Backup | 2021-06-06 | 5.0 MEDIUM | 7.5 HIGH |
| By specially crafting HTTP requests, the mod_md challenge handler would dereference a NULL pointer and cause the child process to segfault. This could be used to DoS the server. Fixed in Apache HTTP Server 2.4.34 (Affected 2.4.33). | |||||
| CVE-2018-1333 | 4 Apache, Canonical, Netapp and 1 more | 6 Http Server, Ubuntu Linux, Cloud Backup and 3 more | 2021-06-06 | 5.0 MEDIUM | 7.5 HIGH |
| By specially crafting HTTP/2 requests, workers would be allocated 60 seconds longer than necessary, leading to worker exhaustion and a denial of service. Fixed in Apache HTTP Server 2.4.34 (Affected 2.4.18-2.4.30,2.4.33). | |||||
| CVE-2002-1592 | 1 Apache | 1 Http Server | 2021-06-06 | 5.0 MEDIUM | N/A |
| The ap_log_rerror function in Apache 2.0 through 2.035, when a CGI application encounters an error, sends error messages to the client that include the full path for the server, which allows remote attackers to obtain sensitive information. | |||||
| CVE-2002-0839 | 1 Apache | 1 Http Server | 2021-06-06 | 7.2 HIGH | N/A |
| The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allowed, by modifying the parent[].pid and parent[].last_rtime segments in the scoreboard. | |||||
| CVE-2001-0730 | 1 Apache | 1 Http Server | 2021-06-06 | 5.0 MEDIUM | N/A |
| split-logfile in Apache 1.3.20 allows remote attackers to overwrite arbitrary files that end in the .log extension via an HTTP request with a / (slash) in the Host: header. | |||||
| CVE-2001-0729 | 1 Apache | 1 Http Server | 2021-06-06 | 5.0 MEDIUM | N/A |
| Apache 1.3.20 on Windows servers allows remote attackers to bypass the default index page and list directory contents via a URL with a large number of / (slash) characters. | |||||
| CVE-2000-1206 | 1 Apache | 1 Http Server | 2021-06-06 | 5.0 MEDIUM | N/A |
| Vulnerability in Apache httpd before 1.3.11, when configured for mass virtual hosting using mod_rewrite, or mod_vhost_alias in Apache 1.3.9, allows remote attackers to retrieve arbitrary files. | |||||
| CVE-2000-1205 | 1 Apache | 1 Http Server | 2021-06-06 | 4.3 MEDIUM | N/A |
| Cross site scripting vulnerabilities in Apache 1.3.0 through 1.3.11 allow remote attackers to execute script as other web site visitors via (1) the printenv CGI (printenv.pl), which does not encode its output, (2) pages generated by the ap_send_error_response function such as a default 404, which does not add an explicit charset, or (3) various messages that are generated by certain Apache modules or core code. NOTE: the printenv issue might still exist for web browsers that can render text/plain content types as HTML, such as Internet Explorer, but CVE regards this as a design limitation of those browsers, not Apache. The printenv.pl/acuparam vector, discloser on 20070724, is one such variant. | |||||
| CVE-2007-1862 | 1 Apache | 1 Http Server | 2021-06-06 | 5.0 MEDIUM | N/A |
| The recall_headers function in mod_mem_cache in Apache 2.2.4 does not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously used data, which could be used by remote attackers to obtain potentially sensitive information. | |||||
| CVE-2007-6420 | 1 Apache | 1 Http Server | 2021-06-06 | 4.3 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the balancer-manager in mod_proxy_balancer for Apache HTTP Server 2.2.x allows remote attackers to gain privileges via unspecified vectors. | |||||
| CVE-2007-6422 | 1 Apache | 1 Http Server | 2021-06-06 | 4.0 MEDIUM | N/A |
| The balancer_handler function in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6, when a threaded Multi-Processing Module is used, allows remote authenticated users to cause a denial of service (child process crash) via an invalid bb variable. | |||||
| CVE-2008-0456 | 1 Apache | 1 Http Server | 2021-06-06 | 2.6 LOW | N/A |
| CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks by uploading a file with a multi-line name containing HTTP header sequences and a file extension, which leads to injection within a (1) "406 Not Acceptable" or (2) "300 Multiple Choices" HTTP response when the extension is omitted in a request for the file. | |||||
| CVE-2009-1890 | 1 Apache | 1 Http Server | 2021-06-06 | 7.1 HIGH | N/A |
| The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service (CPU consumption) via crafted requests. | |||||
| CVE-2009-3094 | 1 Apache | 1 Http Server | 2021-06-06 | 2.6 LOW | N/A |
| The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command. | |||||
| CVE-2012-3499 | 1 Apache | 1 Http Server | 2021-06-06 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules. | |||||
| CVE-2012-4557 | 1 Apache | 1 Http Server | 2021-06-06 | 5.0 MEDIUM | N/A |
| The mod_proxy_ajp module in the Apache HTTP Server 2.2.12 through 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows remote attackers to cause a denial of service (worker consumption) via an expensive request. | |||||
| CVE-2014-0117 | 2 Apache, Apple | 2 Http Server, Mac Os X | 2021-06-06 | 4.3 MEDIUM | N/A |
| The mod_proxy module in the Apache HTTP Server 2.4.x before 2.4.10, when a reverse proxy is enabled, allows remote attackers to cause a denial of service (child-process crash) via a crafted HTTP Connection header. | |||||
| CVE-2016-8740 | 1 Apache | 1 Http Server | 2021-06-06 | 5.0 MEDIUM | 7.5 HIGH |
| The mod_http2 module in the Apache HTTP Server 2.4.17 through 2.4.23, when the Protocols configuration includes h2 or h2c, does not restrict request-header length, which allows remote attackers to cause a denial of service (memory consumption) via crafted CONTINUATION frames in an HTTP/2 request. | |||||
| CVE-2019-0196 | 3 Apache, Canonical, Debian | 3 Http Server, Ubuntu Linux, Debian Linux | 2021-06-06 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparison when determining the method of a request and thus process the request incorrectly. | |||||
| CVE-2019-0215 | 2 Apache, Fedoraproject | 2 Http Server, Fedora | 2021-06-06 | 6.0 MEDIUM | 7.5 HIGH |
| In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in mod_ssl when using per-location client certificate verification with TLSv1.3 allowed a client to bypass configured access control restrictions. | |||||
| CVE-2003-0253 | 1 Apache | 1 Http Server | 2021-06-06 | 5.0 MEDIUM | N/A |
| The prefork MPM in Apache 2 before 2.0.47 does not properly handle certain errors from accept, which could lead to a denial of service. | |||||
| CVE-2011-3348 | 1 Apache | 1 Http Server | 2021-06-06 | 4.3 MEDIUM | N/A |
| The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error state" in the backend server) via a malformed HTTP request. | |||||
| CVE-2004-0174 | 1 Apache | 1 Http Server | 2021-06-06 | 5.0 MEDIUM | N/A |
| Apache 1.4.x before 1.3.30, and 2.0.x before 2.0.49, when using multiple listening sockets on certain platforms, allows remote attackers to cause a denial of service (blocked new connections) via a "short-lived connection on a rarely-accessed listening socket." | |||||
| CVE-2003-0993 | 1 Apache | 1 Http Server | 2021-06-06 | 7.5 HIGH | N/A |
| mod_access in Apache 1.3 before 1.3.30, when running big-endian 64-bit platforms, does not properly parse Allow/Deny rules using IP addresses without a netmask, which could allow remote attackers to bypass intended access restrictions. | |||||
| CVE-2004-0113 | 1 Apache | 1 Http Server | 2021-06-06 | 5.0 MEDIUM | N/A |
| Memory leak in ssl_engine_io.c for mod_ssl in Apache 2 before 2.0.49 allows remote attackers to cause a denial of service (memory consumption) via plain HTTP requests to the SSL port of an SSL-enabled server. | |||||
| CVE-2003-0987 | 1 Apache | 1 Http Server | 2021-06-06 | 7.5 HIGH | N/A |
| mod_digest for Apache before 1.3.31 does not properly verify the nonce of a client response by using a AuthNonce secret. | |||||
| CVE-2003-0789 | 1 Apache | 1 Http Server | 2021-06-06 | 10.0 HIGH | N/A |
| mod_cgid in Apache before 2.0.48, when using a threaded MPM, does not properly handle CGI redirect paths, which could cause Apache to send the output of a CGI program to the wrong client. | |||||