CVSS: 7.5EPSS: 11%CPEs: 25EXPL: 0CVE-2021-34798 – NULL pointer dereference in httpd core
https://notcve.org/view.php?id=CVE-2021-34798
16 Sep 2021 — Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier. Unas peticiones malformadas pueden causar que el servidor haga desreferencia a un puntero NULL. Este problema afecta a Apache HTTP Server versiones 2.4.48 y anteriores A NULL pointer dereference in httpd allows an unauthenticated remote attacker to crash httpd by providing malformed HTTP requests. The highest threat from this vulnerability is to system availability. • http://httpd.apache.org/security/vulnerabilities_24.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2021-35940 – Regression of CVE-2017-12613
https://notcve.org/view.php?id=CVE-2021-35940
23 Aug 2021 — An out-of-bounds array read in the apr_time_exp*() functions was fixed in the Apache Portable Runtime 1.6.3 release (CVE-2017-12613). The fix for this issue was not carried forward to the APR 1.7.x branch, and hence version 1.7.0 regressed compared to 1.6.3 and is vulnerable to the same issue. Se ha corregido una lectura de matrices fuera de límites en la función apr_time_exp*() en Apache Portable Runtime versión 1.6.3 (CVE-2017-12613). La corrección de este problema no se trasladó a la rama APR versión 1.7... • http://mail-archives.apache.org/mod_mbox/www-announce/201710.mbox/%3CCACsi251B8UaLvM-rrH9fv57-zWi0zhyF3275_jPg1a9VEVVoxw%40mail.gmail.com%3E • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 1%CPEs: 6EXPL: 1CVE-2021-33193 – Request splitting via HTTP/2 method injection and mod_proxy
https://notcve.org/view.php?id=CVE-2021-33193
16 Aug 2021 — A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48. Un método diseñado enviado mediante HTTP/2 omitirá la comprobación y será reenviado por mod_proxy, lo que puede conllevar a la división de peticiones o el envenenamiento de la caché. Este problema afecta a Apache HTTP Server versiones 2.4.17 a 2.4.48. A NULL pointer dereference was found in Apache httpd mod_... • https://github.com/apache/httpd/commit/ecebcc035ccd8d0e2984fe41420d9e944f456b3c.patch • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 21%CPEs: 11EXPL: 0CVE-2021-31618 – NULL pointer dereference on specially crafted HTTP/2 request
https://notcve.org/view.php?id=CVE-2021-31618
15 Jun 2021 — Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and HTTP response is sent to the client with a status code indicating why the request was rejected. This rejection response was not fully initialised in the HTTP/2 protocol handler if the offending header was the very first one received or appeared in a a footer. This led to a NULL po... • http://httpd.apache.org/security/vulnerabilities_24.html • CWE-476: NULL Pointer Dereference •
CVSS: 5.9EPSS: 24%CPEs: 10EXPL: 0CVE-2021-30641 – Unexpected URL matching with 'MergeSlashes OFF'
https://notcve.org/view.php?id=CVE-2021-30641
10 Jun 2021 — Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF' Apache HTTP Server versiones 2.4.39 a 2.4.46. Un Comportamiento inesperado de coincidencia con el parámetro "MergeSlashes OFF" A flaw was found in Apache httpd. A possible regression from an earlier security fix broke behavior of MergeSlashes. The highest threat from this vulnerability is to data integrity. Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. • http://httpd.apache.org/security/vulnerabilities_24.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 37%CPEs: 12EXPL: 0CVE-2021-26691 – Apache HTTP Server mod_session response handling heap overflow
https://notcve.org/view.php?id=CVE-2021-26691
10 Jun 2021 — In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow Apache HTTP Server versiones 2.4.0 a 2.4.46 , un parámetro SessionHeader especialmente diseñado enviado por un servidor de origen podría causar un desbordamiento de pila A heap overflow flaw was found In Apache httpd mod_session. The highest threat from this vulnerability is to system availability. Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBo... • http://httpd.apache.org/security/vulnerabilities_24.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 61%CPEs: 10EXPL: 3CVE-2021-26690 – mod_session NULL pointer dereference
https://notcve.org/view.php?id=CVE-2021-26690
10 Jun 2021 — Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service Apache HTTP Server versiones 2.4.0 a 2.4.46, un encabezado de Cookie especialmente diseñado y gestionado por la función mod_session puede causar una desviación del puntero NULL y un fallo, lo que puede causar una denegación de servicio A NULL pointer dereference was found in Apache httpd mod_session. The highest threat fr... • https://github.com/7own/CVE-2021-26690---Apache-mod_session • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 17%CPEs: 10EXPL: 0CVE-2020-13950 – mod_proxy_http NULL pointer dereference
https://notcve.org/view.php?id=CVE-2020-13950
10 Jun 2021 — Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be made to crash (NULL pointer dereference) with specially crafted requests using both Content-Length and Transfer-Encoding headers, leading to a Denial of Service Apache HTTP Server versiones 2.4.41 a 2.4.46 la función mod_proxy_http puede bloquearse (desviación del puntero NULL) con peticiones especialmente diseñadas que utilicen las encabezados Content-Length y Transfer-Encoding, provocando una denegación de servicio A flaw was found In Apac... • http://httpd.apache.org/security/vulnerabilities_24.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.3EPSS: 4%CPEs: 10EXPL: 0CVE-2020-35452 – mod_auth_digest possible stack overflow by one nul byte
https://notcve.org/view.php?id=CVE-2020-35452
10 Jun 2021 — Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow Apache HTTP Server versiones 2.4.0 a 2.4.46 Un Digest nonce especialmente diseñado puede causa... • http://httpd.apache.org/security/vulnerabilities_24.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 5.3EPSS: 7%CPEs: 8EXPL: 0CVE-2019-17567 – mod_proxy_wstunnel tunneling of non Upgraded connections
https://notcve.org/view.php?id=CVE-2019-17567
10 Jun 2021 — Apache HTTP Server versions 2.4.6 to 2.4.46 mod_proxy_wstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for subsequent requests on the same connection to pass through with no HTTP validation, authentication or authorization possibly configured. Apache HTTP Server versiones 2.4.6 a 2.4.46 la función mod_proxy_wstunnel configurado en una URL que no es necesariamente Actualizada por el servidor de origen estaba tunel... • http://httpd.apache.org/security/vulnerabilities_24.html • CWE-287: Improper Authentication CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •