Количество 12
Количество 12
CVE-2024-47252
Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%{varname}x" or "%{varname}c" to log variables provided by mod_ssl such as SSL_TLS_SNI, no escaping is performed by either mod_log_config or mod_ssl and unsanitized data provided by the client may appear in log files.
CVE-2024-47252
Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%{varname}x" or "%{varname}c" to log variables provided by mod_ssl such as SSL_TLS_SNI, no escaping is performed by either mod_log_config or mod_ssl and unsanitized data provided by the client may appear in log files.
CVE-2024-47252
Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%{varname}x" or "%{varname}c" to log variables provided by mod_ssl such as SSL_TLS_SNI, no escaping is performed by either mod_log_config or mod_ssl and unsanitized data provided by the client may appear in log files.
CVE-2024-47252
CVE-2024-47252
Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP ...
GHSA-2qfr-q5v6-m43q
Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%{varname}x" or "%{varname}c" to log variables provided by mod_ssl such as SSL_TLS_SNI, no escaping is performed by either mod_log_config or mod_ssl and unsanitized data provided by the client may appear in log files.
BDU:2025-08958
Уязвимость функции mod_ssl веб-сервера Apache HTTP Server, позволяющая нарушителю оказать воздействие на целостность защищаемой информации
SUSE-SU-2025:02685-1
Security update for apache2
SUSE-SU-2025:02684-1
Security update for apache2
SUSE-SU-2025:02683-1
Security update for apache2
SUSE-SU-2025:02682-1
Security update for apache2
SUSE-SU-2025:02565-1
Security update for apache2
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-47252 Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%{varname}x" or "%{varname}c" to log variables provided by mod_ssl such as SSL_TLS_SNI, no escaping is performed by either mod_log_config or mod_ssl and unsanitized data provided by the client may appear in log files. | CVSS3: 7.5 | 0% Низкий | около 1 месяца назад |
 | CVE-2024-47252 Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%{varname}x" or "%{varname}c" to log variables provided by mod_ssl such as SSL_TLS_SNI, no escaping is performed by either mod_log_config or mod_ssl and unsanitized data provided by the client may appear in log files. | CVSS3: 7.5 | 0% Низкий | около 1 месяца назад |
 | CVE-2024-47252 Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%{varname}x" or "%{varname}c" to log variables provided by mod_ssl such as SSL_TLS_SNI, no escaping is performed by either mod_log_config or mod_ssl and unsanitized data provided by the client may appear in log files. | CVSS3: 7.5 | 0% Низкий | около 1 месяца назад |
 | CVSS3: 7.5 | 0% Низкий | около 1 месяца назад | |
| CVE-2024-47252 Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP ... | CVSS3: 7.5 | 0% Низкий | около 1 месяца назад |
| GHSA-2qfr-q5v6-m43q Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%{varname}x" or "%{varname}c" to log variables provided by mod_ssl such as SSL_TLS_SNI, no escaping is performed by either mod_log_config or mod_ssl and unsanitized data provided by the client may appear in log files. | CVSS3: 7.5 | 0% Низкий | около 1 месяца назад |
 | BDU:2025-08958 Уязвимость функции mod_ssl веб-сервера Apache HTTP Server, позволяющая нарушителю оказать воздействие на целостность защищаемой информации | CVSS3: 7.5 | 0% Низкий | 11 месяцев назад |
 | SUSE-SU-2025:02685-1 Security update for apache2 | 17 дней назад | ||
| SUSE-SU-2025:02684-1 Security update for apache2 | 17 дней назад | ||
| SUSE-SU-2025:02683-1 Security update for apache2 | 17 дней назад | ||
| SUSE-SU-2025:02682-1 Security update for apache2 | 17 дней назад | ||
| SUSE-SU-2025:02565-1 Security update for apache2 | 22 дня назад |
Уязвимостей на страницу