Vulnerabilities (CVE)

Filtered by vendor Apache Subscribe

Filtered by product Libapreq2

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-12412	1 Apache	1 Libapreq2	2020-11-30	5.0 MEDIUM	7.5 HIGH
A flaw in the libapreq2 v2.07 to v2.13 multipart parser can deference a null pointer leading to a process crash. A remote attacker could send a request causing a process crash which could lead to a denial of service attack.
CVE-2006-0042	2 Apache, Debian	2 Libapreq2, Debian Linux	2018-11-29	5.0 MEDIUM	N/A
Unspecified vulnerability in (1) apreq_parse_headers and (2) apreq_parse_urlencoded functions in Apache2::Request (Libapreq2) before 2.07 allows remote attackers to cause a denial of service (CPU consumption) via unknown attack vectors that result in quadratic computational complexity.