Bugs fixes in "apache2"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2024-38475 | Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are p | 2024-07-08 |
| CVE | CVE-2024-38474 | Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in directories permitted by th | 2024-07-08 |
| CVE | CVE-2024-38473 | Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, po | 2024-07-08 |
| CVE | CVE-2024-36387 | Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, de | 2024-07-08 |
| CVE | CVE-2024-39884 | A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based configuration of handlers. "AddType" and si | 2024-07-08 |
| CVE | CVE-2024-39573 | Potential SSRF in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to cause unsafe RewriteRules to unexpectedly setup URL's to | 2024-07-08 |
| CVE | CVE-2024-38477 | null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request. Users | 2024-07-08 |
| CVE | CVE-2024-38476 | Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend a | 2024-07-08 |
| CVE | CVE-2024-38475 | Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are p | 2024-07-08 |
| CVE | CVE-2024-38474 | Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in directories permitted by th | 2024-07-08 |
| CVE | CVE-2024-38473 | Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, po | 2024-07-08 |
| CVE | CVE-2024-36387 | Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, de | 2024-07-08 |
| CVE | CVE-2024-39884 | A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based configuration of handlers. "AddType" and si | 2024-07-08 |
| CVE | CVE-2024-39573 | Potential SSRF in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to cause unsafe RewriteRules to unexpectedly setup URL's to | 2024-07-08 |
| CVE | CVE-2024-38477 | null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request. Users | 2024-07-08 |
| CVE | CVE-2024-38476 | Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend a | 2024-07-08 |
| CVE | CVE-2024-38475 | Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are p | 2024-07-08 |
| CVE | CVE-2024-38474 | Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in directories permitted by th | 2024-07-08 |
| CVE | CVE-2024-38473 | Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, po | 2024-07-08 |
| CVE | CVE-2024-36387 | Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, de | 2024-07-08 |
About
-
Send Feedback to @ubuntu_updates
