rpm package
suse/apache2&distro=SUSE OpenStack Cloud 6
pkg:rpm/suse/apache2&distro=SUSE%20OpenStack%20Cloud%206
Vulnerabilities (11)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-1312 | — | < 2.4.16-20.16.1 | 2.4.16-20.16.1 | Mar 26, 2018 | In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests coul | ||
| CVE-2018-1303 | — | < 2.4.16-20.16.1 | 2.4.16-20.16.1 | Mar 26, 2018 | A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of mod_cache_socache. The vulnera | ||
| CVE-2018-1301 | — | < 2.4.16-20.16.1 | 2.4.16-20.16.1 | Mar 26, 2018 | A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is reached by reading the HTTP header. This vulnerability is considered very hard if not impossible to trigger in non-debug mode (both l | ||
| CVE-2018-1283 | — | < 2.4.16-20.16.1 | 2.4.16-20.16.1 | Mar 26, 2018 | In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to forward its session data to CGI applications (SessionEnv on, not the default), a remote user may influence their content by using a "Session" header. This comes from the "HTTP_SESSION" variable name used by mod_se | ||
| CVE-2017-15715 | — | < 2.4.16-20.16.1 | 2.4.16-20.16.1 | Mar 26, 2018 | In Apache httpd 2.4.0 to 2.4.29, the expression specified in could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are are externally bloc | ||
| CVE-2017-15710 | — | < 2.4.16-20.16.1 | 2.4.16-20.16.1 | Mar 26, 2018 | In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to 2.4.29, mod_authnz_ldap, if configured with AuthLDAPCharsetConfig, uses the Accept-Language header value to lookup the right charset encoding when verifying the user's credentials. If the header value is not present | ||
| CVE-2017-9798 | Hig | 7.5 | < 2.4.16-20.13.1 | 2.4.16-20.13.1 | Sep 18, 2017 | Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27 | |
| CVE-2017-9788 | Cri | 9.1 | < 2.4.16-20.10.1 | 2.4.16-20.10.1 | Jul 13, 2017 | In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment could | |
| CVE-2017-7679 | Cri | 9.8 | < 2.4.16-20.10.1 | 2.4.16-20.10.1 | Jun 20, 2017 | In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header. | |
| CVE-2017-3169 | Cri | 9.8 | < 2.4.16-20.10.1 | 2.4.16-20.10.1 | Jun 20, 2017 | In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port. | |
| CVE-2017-3167 | Cri | 9.8 | < 2.4.16-20.10.1 | 2.4.16-20.10.1 | Jun 20, 2017 | In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed. |
- CVE-2018-1312Mar 26, 2018affected < 2.4.16-20.16.1fixed 2.4.16-20.16.1
In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests coul
- CVE-2018-1303Mar 26, 2018affected < 2.4.16-20.16.1fixed 2.4.16-20.16.1
A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of mod_cache_socache. The vulnera
- CVE-2018-1301Mar 26, 2018affected < 2.4.16-20.16.1fixed 2.4.16-20.16.1
A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is reached by reading the HTTP header. This vulnerability is considered very hard if not impossible to trigger in non-debug mode (both l
- CVE-2018-1283Mar 26, 2018affected < 2.4.16-20.16.1fixed 2.4.16-20.16.1
In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to forward its session data to CGI applications (SessionEnv on, not the default), a remote user may influence their content by using a "Session" header. This comes from the "HTTP_SESSION" variable name used by mod_se
- CVE-2017-15715Mar 26, 2018affected < 2.4.16-20.16.1fixed 2.4.16-20.16.1
In Apache httpd 2.4.0 to 2.4.29, the expression specified in could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are are externally bloc
- CVE-2017-15710Mar 26, 2018affected < 2.4.16-20.16.1fixed 2.4.16-20.16.1
In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to 2.4.29, mod_authnz_ldap, if configured with AuthLDAPCharsetConfig, uses the Accept-Language header value to lookup the right charset encoding when verifying the user's credentials. If the header value is not present
- affected < 2.4.16-20.13.1fixed 2.4.16-20.13.1
Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27
- affected < 2.4.16-20.10.1fixed 2.4.16-20.10.1
In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment could
- affected < 2.4.16-20.10.1fixed 2.4.16-20.10.1
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.
- affected < 2.4.16-20.10.1fixed 2.4.16-20.10.1
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port.
- affected < 2.4.16-20.10.1fixed 2.4.16-20.10.1
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.