Количество 29
Количество 29
CVE-2016-0736
In Apache HTTP Server versions 2.4.0 to 2.4.23, mod_session_crypto was ...
CVE-2016-2161
In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause the server to crash, and each instance continues to crash even for subsequently valid requests.
CVE-2016-2161
In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause the server to crash, and each instance continues to crash even for subsequently valid requests.
CVE-2016-2161
In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause the server to crash, and each instance continues to crash even for subsequently valid requests.
CVE-2016-2161
In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod ...
GHSA-mxm5-vg5c-rx7v
In Apache HTTP Server versions 2.4.0 to 2.4.23, mod_session_crypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation (AES256-CBC by default), hence no selectable or builtin authenticated encryption. This made it vulnerable to padding oracle attacks, particularly with CBC.
BDU:2017-01806
Уязвимость модуля mod_session_crypto веб-сервера Apache HTTP Server, позволяющая нарушителю осуществить атаки типа Padding Oracle
GHSA-3v6f-955w-932h
In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause the server to crash, and each instance continues to crash even for subsequently valid requests.
BDU:2017-01805
Уязвимость модуля mod_auth_digest веб-сервера Apache HTTP Server, позволяющая нарушителю вызвать аварийное завершение работы сервера
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| CVE-2016-0736 In Apache HTTP Server versions 2.4.0 to 2.4.23, mod_session_crypto was ... | CVSS3: 7.5 | 32% Средний | больше 8 лет назад |
 | CVE-2016-2161 In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause the server to crash, and each instance continues to crash even for subsequently valid requests. | CVSS3: 7.5 | 40% Средний | больше 8 лет назад |
 | CVE-2016-2161 In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause the server to crash, and each instance continues to crash even for subsequently valid requests. | CVSS3: 7.5 | 40% Средний | почти 9 лет назад |
 | CVE-2016-2161 In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause the server to crash, and each instance continues to crash even for subsequently valid requests. | CVSS3: 7.5 | 40% Средний | больше 8 лет назад |
| CVE-2016-2161 In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod ... | CVSS3: 7.5 | 40% Средний | больше 8 лет назад |
| GHSA-mxm5-vg5c-rx7v In Apache HTTP Server versions 2.4.0 to 2.4.23, mod_session_crypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation (AES256-CBC by default), hence no selectable or builtin authenticated encryption. This made it vulnerable to padding oracle attacks, particularly with CBC. | CVSS3: 7.5 | 32% Средний | больше 3 лет назад |
 | BDU:2017-01806 Уязвимость модуля mod_session_crypto веб-сервера Apache HTTP Server, позволяющая нарушителю осуществить атаки типа Padding Oracle | CVSS2: 5 | 32% Средний | больше 8 лет назад |
| GHSA-3v6f-955w-932h In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause the server to crash, and each instance continues to crash even for subsequently valid requests. | CVSS3: 7.5 | 40% Средний | больше 3 лет назад |
| BDU:2017-01805 Уязвимость модуля mod_auth_digest веб-сервера Apache HTTP Server, позволяющая нарушителю вызвать аварийное завершение работы сервера | CVSS2: 5 | 40% Средний | больше 8 лет назад |
Уязвимостей на страницу