CVE-2019-10082

Опубликовано: 26 сент. 2019

Источник: ubuntu

Приоритет: low

EPSS Средний

CVSS2: 6.4

CVSS3: 9.1

Описание

In Apache HTTP Server 2.4.18-2.4.39, using fuzzed network input, the http/2 session handling could be made to read memory after being freed, during connection shutdown.

Релиз	Статус	Примечание
bionic	released	2.4.29-1ubuntu4.10
devel	not-affected	2.4.41-1ubuntu1
disco	released	2.4.38-2ubuntu2.2
esm-infra-legacy/trusty	not-affected	code not present
esm-infra/bionic	released	2.4.29-1ubuntu4.10
esm-infra/xenial	not-affected	code not built
precise/esm	not-affected	code not present
trusty	ignored	end of standard support
trusty/esm	not-affected	code not present
upstream	released	2.4.41-1

Показывать по

Ссылки на источники

EPSS

Процентиль: 98%

0.47892

Средний

6.4 Medium

CVSS2

9.1 Critical

CVSS3

Связанные уязвимости

CVE-2019-10082

CVSS3: 6.5

redhat

больше 6 лет назад

In Apache HTTP Server 2.4.18-2.4.39, using fuzzed network input, the http/2 session handling could be made to read memory after being freed, during connection shutdown.

CVE-2019-10082

CVSS3: 9.1

nvd

около 6 лет назад

In Apache HTTP Server 2.4.18-2.4.39, using fuzzed network input, the http/2 session handling could be made to read memory after being freed, during connection shutdown.

CVE-2019-10082

CVSS3: 9.1

debian

около 6 лет назад

In Apache HTTP Server 2.4.18-2.4.39, using fuzzed network input, the h ...

GHSA-28c2-r3qq-82vj

CVSS3: 9.1

github

больше 3 лет назад

In Apache HTTP Server 2.4.18-2.4.39, using fuzzed network input, the http/2 session handling could be made to read memory after being freed, during connection shutdown.

BDU:2019-04287

CVSS3: 9.1

fstec

больше 6 лет назад

Уязвимость реализации сетевого протокола HTTP/2 веб-сервера Apache HTTP Server, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 98%

0.47892

Средний

6.4 Medium

CVSS2

9.1 Critical

CVSS3

CVE-2019-10082

Описание

Пакет apache2

Ссылки на источники

Связанные уязвимости