Количество 15
Количество 15
CVE-2024-38474
Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI. Users are recommended to upgrade to version 2.4.60, which fixes this issue. Some RewriteRules that capture and substitute unsafely will now fail unless rewrite flag "UnsafeAllow3F" is specified.
CVE-2024-38474
Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI. Users are recommended to upgrade to version 2.4.60, which fixes this issue. Some RewriteRules that capture and substitute unsafely will now fail unless rewrite flag "UnsafeAllow3F" is specified.
CVE-2024-38474
Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI. Users are recommended to upgrade to version 2.4.60, which fixes this issue. Some RewriteRules that capture and substitute unsafely will now fail unless rewrite flag "UnsafeAllow3F" is specified.
CVE-2024-38474
Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.5 ...
GHSA-x6g9-g4wf-qrf7
Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI. Users are recommended to upgrade to version 2.4.60, which fixes this issue. Some RewriteRules that capture and substitute unsafely will now fail unless rewrite flag "UnsafeAllow3F" is specified.
BDU:2024-06593
Уязвимость функции mod_rewrite веб-сервера Apache HTTP Server, позволяющая нарушителю выполнить произвольный код
SUSE-SU-2024:2999-1
Security update for apache2
SUSE-SU-2024:2997-1
Security update for apache2
SUSE-SU-2024:3173-1
Security update for apache2
SUSE-SU-2024:3172-1
Security update for apache2
ELSA-2024-4943
ELSA-2024-4943: httpd security update (IMPORTANT)
ROS-20241203-19
Множественные уязвимости httpd
RLSA-2024:4726
Important: httpd security update
ELSA-2024-4726
ELSA-2024-4726: httpd security update (IMPORTANT)
ELSA-2024-4720
ELSA-2024-4720: httpd:2.4 security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-38474 Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI. Users are recommended to upgrade to version 2.4.60, which fixes this issue. Some RewriteRules that capture and substitute unsafely will now fail unless rewrite flag "UnsafeAllow3F" is specified. | CVSS3: 9.8 | 1% Низкий | около 1 года назад |
 | CVE-2024-38474 Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI. Users are recommended to upgrade to version 2.4.60, which fixes this issue. Some RewriteRules that capture and substitute unsafely will now fail unless rewrite flag "UnsafeAllow3F" is specified. | CVSS3: 9.8 | 1% Низкий | около 1 года назад |
 | CVE-2024-38474 Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI. Users are recommended to upgrade to version 2.4.60, which fixes this issue. Some RewriteRules that capture and substitute unsafely will now fail unless rewrite flag "UnsafeAllow3F" is specified. | CVSS3: 9.8 | 1% Низкий | около 1 года назад |
| CVE-2024-38474 Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.5 ... | CVSS3: 9.8 | 1% Низкий | около 1 года назад |
| GHSA-x6g9-g4wf-qrf7 Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI. Users are recommended to upgrade to version 2.4.60, which fixes this issue. Some RewriteRules that capture and substitute unsafely will now fail unless rewrite flag "UnsafeAllow3F" is specified. | CVSS3: 9.8 | 1% Низкий | около 1 года назад |
 | BDU:2024-06593 Уязвимость функции mod_rewrite веб-сервера Apache HTTP Server, позволяющая нарушителю выполнить произвольный код | CVSS3: 9.8 | 1% Низкий | около 1 года назад |
 | SUSE-SU-2024:2999-1 Security update for apache2 | 12 месяцев назад | ||
| SUSE-SU-2024:2997-1 Security update for apache2 | 12 месяцев назад | ||
| SUSE-SU-2024:3173-1 Security update for apache2 | 11 месяцев назад | ||
| SUSE-SU-2024:3172-1 Security update for apache2 | 11 месяцев назад | ||
| ELSA-2024-4943 ELSA-2024-4943: httpd security update (IMPORTANT) | 11 месяцев назад | ||
 | ROS-20241203-19 Множественные уязвимости httpd | CVSS3: 9.8 | 8 месяцев назад | |
 | RLSA-2024:4726 Important: httpd security update | около 1 года назад | ||
| ELSA-2024-4726 ELSA-2024-4726: httpd security update (IMPORTANT) | около 1 года назад | ||
| ELSA-2024-4720 ELSA-2024-4720: httpd:2.4 security update (IMPORTANT) | около 1 года назад |
Уязвимостей на страницу