Red Hat Security Advisory 2022-6753-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include buffer overflow, denial of service, information leakage, null pointer, out of bounds read, out of bounds write, and server-side request forgery vulnerabilities.
28d7f2e087a5d9425e253343d93cbc36c274fd300fda47cab8198615c8ea532aGentoo Linux Security Advisory 202208-20 - Multiple vulnerabilities have been discovered in Apache Webserver, the worst of which could result in remote code execution. Versions less than 2.4.54 are affected.
09faf82799a2bf38cabe52ae6e5241cdb6c0783b19a0355526c5faf16d5eadc3Red Hat Security Advisory 2022-0891-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include null pointer and out of bounds write vulnerabilities.
9aff989521f45618c90a5b5a168c798f5e88df2fe82eb36ea2acb414bcd7086eRed Hat Security Advisory 2022-0143-03 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include buffer overflow, heap overflow, null pointer, and out of bounds write vulnerabilities.
993d65cc4d7eadca4cea6c60c8198364bfc401da9dbb986b3cd49ef745d51828Debian Linux Security Advisory 4982-1 - Several vulnerabilities have been found in the Apache HTTP server, which could result in denial of service. In addition a vulnerability was discovered in mod_proxy with which an attacker could trick the server to forward requests to arbitrary origin servers.
7db80ce9950cf39bde931c5a0d161d513946d1d1b1ee44990405a9c7cee50a76Ubuntu Security Notice 5090-4 - USN-5090-1 fixed vulnerabilities in Apache HTTP Server. One of the upstream fixes introduced a regression in UDS URIs. This update fixes the problem. James Kettle discovered that the Apache HTTP Server HTTP/2 module incorrectly handled certain crafted methods. A remote attacker could possibly use this issue to perform request splitting or cache poisoning attacks. It was discovered that the Apache HTTP Server incorrectly handled certain malformed requests. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. Li Zhi Xin discovered that the Apache mod_proxy_uwsgi module incorrectly handled certain request uri-paths. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 21.04. It was discovered that the Apache HTTP Server incorrectly handled escaping quotes. If the server was configured with third-party modules, a remote attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that the Apache mod_proxy module incorrectly handled certain request uri-paths. A remote attacker could possibly use this issue to cause the server to forward requests to arbitrary origin servers. Various other issues were also addressed.
97566fcdf572aabba3700b134cb12c430056ecb69fad0c05e485f33bb178308aUbuntu Security Notice 5090-3 - USN-5090-1 fixed vulnerabilities in Apache HTTP Server. One of the upstream fixes introduced a regression in UDS URIs. This update fixes the problem.
b581416306f3dd476e571d54877a550435c22900a370f6c91efbf9d6ff8a914fUbuntu Security Notice 5090-2 - USN-5090-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that the Apache HTTP Server incorrectly handled certain malformed requests. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. Various other issues were also addressed.
341b8ef0fe4e6777bab5fa98b857529884200d7119257e755b6ca149890c4518Ubuntu Security Notice 5090-1 - James Kettle discovered that the Apache HTTP Server HTTP/2 module incorrectly handled certain crafted methods. A remote attacker could possibly use this issue to perform request splitting or cache poisoning attacks. It was discovered that the Apache HTTP Server incorrectly handled certain malformed requests. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. Various other issues were also addressed.
4f7aac22cc9fea438546a6e2165f1fd88e03efade01784bf4e244e2cf8f08093Gentoo Linux Security Advisory 202107-27 - Multiple vulnerabilities have been found in OpenEXR, the worst of which could result in the arbitrary execution of code. Versions less than 2.5.6 are affected.
333c7588d54f2e8a939b1f0260d8b2e50a3f1286525e37aac98132ae6b41dd54
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed