rpm package
suse/apache2&distro=SUSE Linux Enterprise Server 12 SP3
pkg:rpm/suse/apache2&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3
Vulnerabilities (22)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-9789 | Hig | 7.5 | < 2.4.23-29.13.1 | 2.4.23-29.13.1 | Jul 13, 2017 | When under stress, closing many connections, the HTTP/2 handling code in Apache httpd 2.4.26 would sometimes access memory after it has been freed, resulting in potentially erratic behaviour. | |
| CVE-2017-9788 | Cri | 9.1 | < 2.4.23-29.3.2 | 2.4.23-29.3.2 | Jul 13, 2017 | In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment could |
- affected < 2.4.23-29.13.1fixed 2.4.23-29.13.1
When under stress, closing many connections, the HTTP/2 handling code in Apache httpd 2.4.26 would sometimes access memory after it has been freed, resulting in potentially erratic behaviour.
- affected < 2.4.23-29.3.2fixed 2.4.23-29.3.2
In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment could
Page 2 of 2