Bugs fixes in "apache2"
Origin | Bug number | Title | Date fixed |
---|---|---|---|
CVE | CVE-2024-38473 | Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, po | 2024-07-08 |
CVE | CVE-2024-36387 | Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, de | 2024-07-08 |
CVE | CVE-2024-39884 | A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based configuration of handlers. "AddType" and si | 2024-07-08 |
CVE | CVE-2024-39573 | Potential SSRF in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to cause unsafe RewriteRules to unexpectedly setup URL's to | 2024-07-08 |
CVE | CVE-2024-38477 | null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request. Users | 2024-07-08 |
CVE | CVE-2024-38476 | Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend a | 2024-07-08 |
CVE | CVE-2024-38474 | Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in directories permitted by th | 2024-07-08 |
CVE | CVE-2024-38473 | Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, po | 2024-07-08 |
CVE | CVE-2024-36387 | Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, de | 2024-07-08 |
CVE | CVE-2024-39573 | Potential SSRF in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to cause unsafe RewriteRules to unexpectedly setup URL's to | 2024-07-08 |
CVE | CVE-2024-38477 | null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request. Users | 2024-07-08 |
CVE | CVE-2024-38476 | Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend a | 2024-07-08 |
CVE | CVE-2024-38473 | Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, po | 2024-07-08 |
CVE | CVE-2024-38477 | null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request. Users | 2024-07-08 |
CVE | CVE-2024-38476 | Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend a | 2024-07-08 |
CVE | CVE-2024-38473 | Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, po | 2024-07-08 |
CVE | CVE-2024-27316 | HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client do | 2024-04-29 |
CVE | CVE-2024-24795 | HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applicat | 2024-04-29 |
CVE | CVE-2023-38709 | Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects | 2024-04-29 |
CVE | CVE-2024-27316 | HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client do | 2024-04-29 |
About
-
Send Feedback to @ubuntu_updates