Количество 52
Количество 52
SUSE-SU-2021:2004-1
Security update for apache2
openSUSE-SU-2021:2954-1
Security update for apache2
openSUSE-SU-2021:1234-1
Security update for apache2
SUSE-SU-2021:2954-1
Security update for apache2
SUSE-SU-2021:2918-1
Security update for apache2
GHSA-p9fg-6rr5-38xc
A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.
ELSA-2022-9276
ELSA-2022-9276: httpd:2.4 security update (IMPORTANT)
BDU:2021-04216
Уязвимость модуля mod_proxy httpd-демона веб-сервера Apache HTTP Server, позволяющая нарушителю отправить скрытый HTTP-запрос (атака типа HTTP Request Smuggling)
CVE-2021-36160
A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive).
CVE-2021-36160
A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive).
CVE-2021-36160
A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive).
CVE-2021-36160
mod_proxy_uwsgi out of bound read
CVE-2021-36160
A carefully crafted request uri-path can cause mod_proxy_uwsgi to read ...
CVE-2021-44224
A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included).
CVE-2021-44224
A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included).
CVE-2021-44224
A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included).
CVE-2021-44224
Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier
CVE-2021-44224
A crafted URI sent to httpd configured as a forward proxy (ProxyReques ...
GHSA-f4wr-wvqf-r2q5
A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive).
BDU:2021-06099
Уязвимость функции mod_proxy_uwsgi веб-сервера Apache HTTP Server, позволяющая нарушителю вызвать отказ в обслуживании
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | SUSE-SU-2021:2004-1 Security update for apache2 | больше 4 лет назад | ||
| openSUSE-SU-2021:2954-1 Security update for apache2 | 1% Низкий | около 4 лет назад | |
| openSUSE-SU-2021:1234-1 Security update for apache2 | 1% Низкий | около 4 лет назад | |
| SUSE-SU-2021:2954-1 Security update for apache2 | 1% Низкий | около 4 лет назад | |
| SUSE-SU-2021:2918-1 Security update for apache2 | 1% Низкий | около 4 лет назад | |
| GHSA-p9fg-6rr5-38xc A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48. | CVSS3: 7.5 | 1% Низкий | больше 3 лет назад |
| ELSA-2022-9276 ELSA-2022-9276: httpd:2.4 security update (IMPORTANT) | больше 3 лет назад | ||
 | BDU:2021-04216 Уязвимость модуля mod_proxy httpd-демона веб-сервера Apache HTTP Server, позволяющая нарушителю отправить скрытый HTTP-запрос (атака типа HTTP Request Smuggling) | CVSS3: 4.8 | 1% Низкий | больше 4 лет назад |
 | CVE-2021-36160 A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive). | CVSS3: 7.5 | 5% Низкий | около 4 лет назад |
 | CVE-2021-36160 A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive). | CVSS3: 7.5 | 5% Низкий | около 4 лет назад |
 | CVE-2021-36160 A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive). | CVSS3: 7.5 | 5% Низкий | около 4 лет назад |
 | CVE-2021-36160 mod_proxy_uwsgi out of bound read | CVSS3: 7.5 | 5% Низкий | около 4 лет назад |
| CVE-2021-36160 A carefully crafted request uri-path can cause mod_proxy_uwsgi to read ... | CVSS3: 7.5 | 5% Низкий | около 4 лет назад |
| CVE-2021-44224 A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). | CVSS3: 8.2 | 11% Средний | почти 4 года назад |
| CVE-2021-44224 A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). | CVSS3: 7.1 | 11% Средний | почти 4 года назад |
| CVE-2021-44224 A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). | CVSS3: 8.2 | 11% Средний | почти 4 года назад |
| CVE-2021-44224 Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier | CVSS3: 8.2 | 11% Средний | почти 4 года назад |
| CVE-2021-44224 A crafted URI sent to httpd configured as a forward proxy (ProxyReques ... | CVSS3: 8.2 | 11% Средний | почти 4 года назад |
| GHSA-f4wr-wvqf-r2q5 A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive). | CVSS3: 7.5 | 5% Низкий | больше 3 лет назад |
| BDU:2021-06099 Уязвимость функции mod_proxy_uwsgi веб-сервера Apache HTTP Server, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 7.5 | 5% Низкий | больше 4 лет назад |
Уязвимостей на страницу