rpm package
opensuse/apache2&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/apache2&distro=openSUSE%20Tumbleweed
Vulnerabilities (136)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-41773 | — | KEV | < 2.4.51-1.1 | 2.4.51-1.1 | Oct 5, 2021 | A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usu | |
| CVE-2019-10082 | — | < 2.4.49-1.1 | 2.4.49-1.1 | Sep 26, 2019 | In Apache HTTP Server 2.4.18-2.4.39, using fuzzed network input, the http/2 session handling could be made to read memory after being freed, during connection shutdown. | ||
| CVE-2019-10097 | — | < 2.4.49-1.1 | 2.4.49-1.1 | Sep 26, 2019 | In Apache HTTP Server 2.4.32-2.4.39, when mod_remoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggere | ||
| CVE-2019-10092 | — | < 2.4.49-1.1 | 2.4.49-1.1 | Sep 26, 2019 | In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable where a server | ||
| CVE-2019-10098 | — | < 2.4.49-1.1 | 2.4.49-1.1 | Sep 25, 2019 | In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an unexpected URL within the request URL. | ||
| CVE-2019-10081 | — | < 2.4.49-1.1 | 2.4.49-1.1 | Aug 15, 2019 | HTTP/2 (2.4.20 through 2.4.39) very early pushes, for example configured with "H2PushResource", could lead to an overwrite of memory in the pushing request's pool, leading to crashes. The memory copied is that of the configured push link header values, not data supplied by the cl | ||
| CVE-2019-9517 | — | < 2.4.49-1.1 | 2.4.49-1.1 | Aug 13, 2019 | Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually writ | ||
| CVE-2017-9798 | Hig | 7.5 | < 2.4.49-1.1 | 2.4.49-1.1 | Sep 18, 2017 | Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27 | |
| CVE-2016-8740 | Hig | 7.5 | < 2.4.49-1.1 | 2.4.49-1.1 | Dec 5, 2016 | The mod_http2 module in the Apache HTTP Server 2.4.17 through 2.4.23, when the Protocols configuration includes h2 or h2c, does not restrict request-header length, which allows remote attackers to cause a denial of service (memory consumption) via crafted CONTINUATION frames in a | |
| CVE-2016-5387 | Hig | 8.1 | < 2.4.49-1.1 | 2.4.49-1.1 | Jul 19, 2016 | The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traff | |
| CVE-2016-4979 | Hig | 7.5 | < 2.4.23-4.1 | 2.4.23-4.1 | Jul 6, 2016 | The Apache HTTP Server 2.4.18 through 2.4.20, when mod_http2 and mod_ssl are enabled, does not properly recognize the "SSLVerifyClient require" directive for HTTP/2 request authorization, which allows remote attackers to bypass intended access restrictions by leveraging the abili | |
| CVE-2015-0253 | — | < 2.4.23-4.1 | 2.4.23-4.1 | Jul 20, 2015 | The read_request_line function in server/protocol.c in the Apache HTTP Server 2.4.12 does not initialize the protocol structure member, which allows remote attackers to cause a denial of service (NULL pointer dereference and process crash) by sending a request that lacks a method | ||
| CVE-2015-4000 | Low | 3.7 | < 2.4.23-4.1 | 2.4.23-4.1 | May 21, 2015 | The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by D | |
| CVE-2015-0228 | — | < 2.4.23-4.1 | 2.4.23-4.1 | Mar 8, 2015 | The lua_websocket_read function in lua_request.c in the mod_lua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service (child-process crash) by sending a crafted WebSocket Ping frame after a Lua script has called the wsupgrade functio | ||
| CVE-2014-8109 | — | < 2.4.23-4.1 | 2.4.23-4.1 | Dec 29, 2014 | mod_lua.c in the mod_lua module in the Apache HTTP Server 2.3.x and 2.4.x through 2.4.10 does not support an httpd configuration in which the same Lua authorization provider is used with different arguments within different contexts, which allows remote attackers to bypass intend | ||
| CVE-2014-3583 | — | < 2.4.23-4.1 | 2.4.23-4.1 | Dec 15, 2014 | The handle_headers function in mod_proxy_fcgi.c in the mod_proxy_fcgi module in the Apache HTTP Server 2.4.10 allows remote FastCGI servers to cause a denial of service (buffer over-read and daemon crash) via long response headers. | ||
| CVE-2014-3581 | — | < 2.4.23-4.1 | 2.4.23-4.1 | Oct 10, 2014 | The cache_merge_headers_out function in modules/cache/cache_util.c in the mod_cache module in the Apache HTTP Server before 2.4.11 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty HTTP Content-Type header. | ||
| CVE-2014-3523 | — | < 2.4.23-4.1 | 2.4.23-4.1 | Jul 20, 2014 | Memory leak in the winnt_accept function in server/mpm/winnt/child.c in the WinNT MPM in the Apache HTTP Server 2.4.x before 2.4.10 on Windows, when the default AcceptFilter is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted requests | ||
| CVE-2014-0231 | — | < 2.4.23-4.1 | 2.4.23-4.1 | Jul 20, 2014 | The mod_cgid module in the Apache HTTP Server before 2.4.10 does not have a timeout mechanism, which allows remote attackers to cause a denial of service (process hang) via a request to a CGI script that does not read from its stdin file descriptor. | ||
| CVE-2014-0226 | — | < 2.4.23-4.1 | 2.4.23-4.1 | Jul 20, 2014 | Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service (heap-based buffer overflow), or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers im |
- affected < 2.4.51-1.1fixed 2.4.51-1.1
A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usu
- CVE-2019-10082Sep 26, 2019affected < 2.4.49-1.1fixed 2.4.49-1.1
In Apache HTTP Server 2.4.18-2.4.39, using fuzzed network input, the http/2 session handling could be made to read memory after being freed, during connection shutdown.
- CVE-2019-10097Sep 26, 2019affected < 2.4.49-1.1fixed 2.4.49-1.1
In Apache HTTP Server 2.4.32-2.4.39, when mod_remoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggere
- CVE-2019-10092Sep 26, 2019affected < 2.4.49-1.1fixed 2.4.49-1.1
In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable where a server
- CVE-2019-10098Sep 25, 2019affected < 2.4.49-1.1fixed 2.4.49-1.1
In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an unexpected URL within the request URL.
- CVE-2019-10081Aug 15, 2019affected < 2.4.49-1.1fixed 2.4.49-1.1
HTTP/2 (2.4.20 through 2.4.39) very early pushes, for example configured with "H2PushResource", could lead to an overwrite of memory in the pushing request's pool, leading to crashes. The memory copied is that of the configured push link header values, not data supplied by the cl
- CVE-2019-9517Aug 13, 2019affected < 2.4.49-1.1fixed 2.4.49-1.1
Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually writ
- affected < 2.4.49-1.1fixed 2.4.49-1.1
Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27
- affected < 2.4.49-1.1fixed 2.4.49-1.1
The mod_http2 module in the Apache HTTP Server 2.4.17 through 2.4.23, when the Protocols configuration includes h2 or h2c, does not restrict request-header length, which allows remote attackers to cause a denial of service (memory consumption) via crafted CONTINUATION frames in a
- affected < 2.4.49-1.1fixed 2.4.49-1.1
The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traff
- affected < 2.4.23-4.1fixed 2.4.23-4.1
The Apache HTTP Server 2.4.18 through 2.4.20, when mod_http2 and mod_ssl are enabled, does not properly recognize the "SSLVerifyClient require" directive for HTTP/2 request authorization, which allows remote attackers to bypass intended access restrictions by leveraging the abili
- CVE-2015-0253Jul 20, 2015affected < 2.4.23-4.1fixed 2.4.23-4.1
The read_request_line function in server/protocol.c in the Apache HTTP Server 2.4.12 does not initialize the protocol structure member, which allows remote attackers to cause a denial of service (NULL pointer dereference and process crash) by sending a request that lacks a method
- affected < 2.4.23-4.1fixed 2.4.23-4.1
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by D
- CVE-2015-0228Mar 8, 2015affected < 2.4.23-4.1fixed 2.4.23-4.1
The lua_websocket_read function in lua_request.c in the mod_lua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service (child-process crash) by sending a crafted WebSocket Ping frame after a Lua script has called the wsupgrade functio
- CVE-2014-8109Dec 29, 2014affected < 2.4.23-4.1fixed 2.4.23-4.1
mod_lua.c in the mod_lua module in the Apache HTTP Server 2.3.x and 2.4.x through 2.4.10 does not support an httpd configuration in which the same Lua authorization provider is used with different arguments within different contexts, which allows remote attackers to bypass intend
- CVE-2014-3583Dec 15, 2014affected < 2.4.23-4.1fixed 2.4.23-4.1
The handle_headers function in mod_proxy_fcgi.c in the mod_proxy_fcgi module in the Apache HTTP Server 2.4.10 allows remote FastCGI servers to cause a denial of service (buffer over-read and daemon crash) via long response headers.
- CVE-2014-3581Oct 10, 2014affected < 2.4.23-4.1fixed 2.4.23-4.1
The cache_merge_headers_out function in modules/cache/cache_util.c in the mod_cache module in the Apache HTTP Server before 2.4.11 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty HTTP Content-Type header.
- CVE-2014-3523Jul 20, 2014affected < 2.4.23-4.1fixed 2.4.23-4.1
Memory leak in the winnt_accept function in server/mpm/winnt/child.c in the WinNT MPM in the Apache HTTP Server 2.4.x before 2.4.10 on Windows, when the default AcceptFilter is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted requests
- CVE-2014-0231Jul 20, 2014affected < 2.4.23-4.1fixed 2.4.23-4.1
The mod_cgid module in the Apache HTTP Server before 2.4.10 does not have a timeout mechanism, which allows remote attackers to cause a denial of service (process hang) via a request to a CGI script that does not read from its stdin file descriptor.
- CVE-2014-0226Jul 20, 2014affected < 2.4.23-4.1fixed 2.4.23-4.1
Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service (heap-based buffer overflow), or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers im
Page 4 of 7