CVSS: 7.5EPSS: 22%CPEs: 11EXPL: 0CVE-2021-31618 – NULL pointer dereference on specially crafted HTTP/2 request
https://notcve.org/view.php?id=CVE-2021-31618
15 Jun 2021 — Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and HTTP response is sent to the client with a status code indicating why the request was rejected. This rejection response was not fully initialised in the HTTP/2 protocol handler if the offending header was the very first one received or appeared in a a footer. This led to a NULL po... • http://httpd.apache.org/security/vulnerabilities_24.html • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 81%CPEs: 12EXPL: 0CVE-2021-26691 – Apache HTTP Server mod_session response handling heap overflow
https://notcve.org/view.php?id=CVE-2021-26691
10 Jun 2021 — In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow Apache HTTP Server versiones 2.4.0 a 2.4.46 , un parámetro SessionHeader especialmente diseñado enviado por un servidor de origen podría causar un desbordamiento de pila A heap overflow flaw was found In Apache httpd mod_session. The highest threat from this vulnerability is to system availability. Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBo... • http://httpd.apache.org/security/vulnerabilities_24.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 81%CPEs: 10EXPL: 3CVE-2021-26690 – mod_session NULL pointer dereference
https://notcve.org/view.php?id=CVE-2021-26690
10 Jun 2021 — Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service Apache HTTP Server versiones 2.4.0 a 2.4.46, un encabezado de Cookie especialmente diseñado y gestionado por la función mod_session puede causar una desviación del puntero NULL y un fallo, lo que puede causar una denegación de servicio A NULL pointer dereference was found in Apache httpd mod_session. The highest threat fr... • https://github.com/7own/CVE-2021-26690---Apache-mod_session • CWE-476: NULL Pointer Dereference •
CVSS: 7.3EPSS: 1%CPEs: 10EXPL: 0CVE-2020-35452 – mod_auth_digest possible stack overflow by one nul byte
https://notcve.org/view.php?id=CVE-2020-35452
10 Jun 2021 — Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow Apache HTTP Server versiones 2.4.0 a 2.4.46 Un Digest nonce especialmente diseñado puede causa... • http://httpd.apache.org/security/vulnerabilities_24.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0CVE-2020-13938 – Improper Handling of Insufficient Privileges
https://notcve.org/view.php?id=CVE-2020-13938
10 Jun 2021 — Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users can stop httpd on Windows Apache HTTP Server versiones 2.4.0 a 2.4.46 Los usuarios locales sin privilegios pueden detener httpd en Windows • http://httpd.apache.org/security/vulnerabilities_24.html • CWE-862: Missing Authorization •
CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0CVE-2019-17567 – mod_proxy_wstunnel tunneling of non Upgraded connections
https://notcve.org/view.php?id=CVE-2019-17567
10 Jun 2021 — Apache HTTP Server versions 2.4.6 to 2.4.46 mod_proxy_wstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for subsequent requests on the same connection to pass through with no HTTP validation, authentication or authorization possibly configured. Apache HTTP Server versiones 2.4.6 a 2.4.46 la función mod_proxy_wstunnel configurado en una URL que no es necesariamente Actualizada por el servidor de origen estaba tunel... • http://httpd.apache.org/security/vulnerabilities_24.html • CWE-287: Improper Authentication CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-11985 – httpd: IP address spoofing when proxying using mod_remoteip and mod_rewrite
https://notcve.org/view.php?id=CVE-2020-11985
07 Aug 2020 — IP address spoofing when proxying using mod_remoteip and mod_rewrite For configurations using proxying with mod_remoteip and certain mod_rewrite rules, an attacker could spoof their IP address for logging and PHP scripts. Note this issue was fixed in Apache HTTP Server 2.4.24 but was retrospectively allocated a low severity CVE in 2020. Una falsificación de direcciones IP cuando se está usando un proxy por medio de mod_remoteip y mod_rewrite para las configuraciones que usan el proxy con mod_remoteip y dete... • https://httpd.apache.org/security/vulnerabilities_24.html • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 7.5EPSS: 0%CPEs: 19EXPL: 1CVE-2020-11993 – httpd: mod_http2 concurrent pool usage
https://notcve.org/view.php?id=CVE-2020-11993
07 Aug 2020 — Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of mod_http2 above "info" will mitigate this vulnerability for unpatched servers. Apache HTTP Server versiones 2.4.20 hasta 2.4.43, cuando trace/debug fue habilitado para el módulo HTTP/2 y en determinados patrones de tráfico de borde, se hicieron declaracion... • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00068.html • CWE-400: Uncontrolled Resource Consumption CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 7.5EPSS: 2%CPEs: 54EXPL: 1CVE-2020-9490 – httpd: Push diary crash on specifically crafted HTTP/2 header
https://notcve.org/view.php?id=CVE-2020-9490
07 Aug 2020 — Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via "H2Push off" will mitigate this vulnerability for unpatched servers. Apache HTTP Server versiones 2.4.20 hasta 2.4.43.. Un valor especialmente diseñado para el encabezado "Cache-Digest" en una petición HTTP/2 resultaría en un bloqueo cuando el servidor realmente... • https://packetstorm.news/files/id/160392 • CWE-400: Uncontrolled Resource Consumption CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 6.1EPSS: 1%CPEs: 24EXPL: 0CVE-2020-1927 – httpd: mod_rewrite configurations vulnerable to open redirect
https://notcve.org/view.php?id=CVE-2020-1927
01 Apr 2020 — In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL. En Apache HTTP Server versiones 2.4.0 hasta 2.4.41, los redireccionamientos configurados con mod_rewrite que pretendían ser autorreferenciales podrían ser engañados por nuevas líneas codificadas y redireccionadas en lugar de una URL inesperada dentro de la URL de petición. A flaw was fou... • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •