You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by gi...@apache.org on 2022/10/24 12:48:53 UTC
[httpd-site] branch asf-site updated: Automatic Site Publish by Buildbot
This is an automated email from the ASF dual-hosted git repository.
git-site-role pushed a commit to branch asf-site
in repository https://gitbox.apache.org/repos/asf/httpd-site.git
The following commit(s) were added to refs/heads/asf-site by this push:
new 828fa22 Automatic Site Publish by Buildbot
828fa22 is described below
commit 828fa228b551efdf34ebaacd5fc9be4ceae84aaf
Author: buildbot <us...@infra.apache.org>
AuthorDate: Mon Oct 24 12:48:50 2022 +0000
Automatic Site Publish by Buildbot
---
output/security/vulnerabilities-httpd.json | 29704 +++++++++++++--------------
output/security/vulnerabilities_13.html | 66 +-
output/security/vulnerabilities_20.html | 136 +-
output/security/vulnerabilities_22.html | 138 +-
output/security/vulnerabilities_24.html | 200 +-
5 files changed, 15122 insertions(+), 15122 deletions(-)
diff --git a/output/security/vulnerabilities-httpd.json b/output/security/vulnerabilities-httpd.json
index d5fd6cc..e93a0a3 100644
--- a/output/security/vulnerabilities-httpd.json
+++ b/output/security/vulnerabilities-httpd.json
@@ -9,19 +9,19 @@
"references": {},
"timeline": [
{
- "time": "2003-04-30",
+ "time": "2005-08-30",
"lang": "eng",
"value": "reported"
},
{
- "time": "2003-07-09",
+ "time": "2005-08-30",
"lang": "eng",
"value": "public"
},
{
- "time": "2003-07-09",
+ "time": "2005-10-14",
"lang": "eng",
- "value": "2.0.47 released"
+ "value": "2.0.55 released"
}
],
"CNA_private": {
@@ -31,9 +31,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2003-07-09",
- "ID": "CVE-2003-0192",
- "TITLE": "mod_ssl renegotiation issue"
+ "DATE_PUBLIC": "2005-08-30",
+ "ID": "CVE-2005-2700",
+ "TITLE": "SSLVerifyClient bypass"
},
"source": {
"defect": [],
@@ -46,7 +46,7 @@
"description": [
{
"lang": "eng",
- "value": "mod_ssl renegotiation issue"
+ "value": "SSLVerifyClient bypass"
}
]
}
@@ -56,13 +56,13 @@
"description_data": [
{
"lang": "eng",
- "value": "A bug in the optional renegotiation code in mod_ssl included with Apache httpd can cause cipher suite restrictions to be ignored. This is triggered if optional renegotiation is used (SSLOptions +OptRenegotiate) along with verification of client certificates and a change to the cipher suite over the renegotiation."
+ "value": "A flaw in the mod_ssl handling of the \"SSLVerifyClient\" directive. This flaw would occur if a virtual host has been configured using \"SSLVerifyClient optional\" and further a directive \"SSLVerifyClient required\" is set for a specific location. For servers configured in this fashion, an attacker may be able to access resources that should otherwise be protected, by not supplying a client certificate when connecting."
}
]
},
"impact": [
{
- "other": "low"
+ "other": "important"
}
],
"affects": {
@@ -76,6 +76,46 @@
"product_name": "Apache HTTP Server",
"version": {
"version_data": [
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.54"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.53"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.52"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.51"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.50"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.49"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.48"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.47"
+ },
{
"version_name": "2.0",
"version_affected": "=",
@@ -146,19 +186,19 @@
"references": {},
"timeline": [
{
- "time": "2019-01-01",
+ "time": "2019-01-23",
"lang": "eng",
"value": "reported"
},
{
- "time": "2019-01-22",
+ "time": "2019-04-01",
"lang": "eng",
"value": "public"
},
{
- "time": "2019-02-28",
+ "time": "2019-04-01",
"lang": "eng",
- "value": "2.4.38 released"
+ "value": "2.4.39 released"
}
],
"CNA_private": {
@@ -168,9 +208,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2019-01-22",
- "ID": "CVE-2019-0190",
- "TITLE": "mod_ssl 2.4.37 remote DoS when used with OpenSSL 1.1.1"
+ "DATE_PUBLIC": "2019-04-01",
+ "ID": "CVE-2019-0215",
+ "TITLE": "mod_ssl access control bypass"
},
"source": {
"defect": [],
@@ -183,7 +223,7 @@
"description": [
{
"lang": "eng",
- "value": "mod_ssl 2.4.37 remote DoS when used with OpenSSL 1.1.1"
+ "value": "mod_ssl access control bypass"
}
]
}
@@ -192,14 +232,14 @@
"credit": [
{
"lang": "eng",
- "value": "The issue was discovered through user bug reports."
+ "value": "The issue was discovered by Michael Kaufmann."
}
],
"description": {
"description_data": [
{
"lang": "eng",
- "value": "A bug exists in the way mod_ssl handled client renegotiations. A remote attacker could send a carefully crafted request that would cause mod_ssl to enter a loop leading to a denial of service. This bug can be only triggered with Apache HTTP Server version 2.4.37 when using OpenSSL version 1.1.1 or later, due to an interaction in changes to handling of renegotiation attempts."
+ "value": "In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in mod_ssl when using per-location client certificate verification with TLSv1.3 allowed a client supporting Post-Handshake Authentication to bypass configured access control restrictions."
}
]
},
@@ -219,6 +259,11 @@
"product_name": "Apache HTTP Server",
"version": {
"version_data": [
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.38"
+ },
{
"version_name": "2.4",
"version_affected": "=",
@@ -244,19 +289,19 @@
"references": {},
"timeline": [
{
- "time": "2010-03-03",
+ "time": "2009-06-26",
"lang": "eng",
"value": "reported"
},
{
- "time": "2010-10-01",
+ "time": "2009-06-26",
"lang": "eng",
"value": "public"
},
{
- "time": "2010-10-19",
+ "time": "2009-07-27",
"lang": "eng",
- "value": "2.2.17 released"
+ "value": "2.2.12 released"
},
{
"time": "2010-10-19",
@@ -271,9 +316,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2010-10-01",
- "ID": "CVE-2010-1623",
- "TITLE": "apr_bridage_split_line DoS"
+ "DATE_PUBLIC": "2009-06-26",
+ "ID": "CVE-2009-1891",
+ "TITLE": "mod_deflate DoS"
},
"source": {
"defect": [],
@@ -286,7 +331,7 @@
"description": [
{
"lang": "eng",
- "value": "apr_bridage_split_line DoS"
+ "value": "mod_deflate DoS"
}
]
}
@@ -296,7 +341,7 @@
"description_data": [
{
"lang": "eng",
- "value": "A flaw was found in the apr_brigade_split_line() function of the bundled APR-util library, used to process non-SSL requests. A remote attacker could send requests, carefully crafting the timing of individual bytes, which would slowly consume memory, potentially leading to a denial of service."
+ "value": "A denial of service flaw was found in the mod_deflate module. This module continued to compress large files until compression was complete, even if the network connection that requested the content was closed before compression completed. This would cause mod_deflate to consume large amounts of CPU if mod_deflate was enabled for a large file."
}
]
},
@@ -316,31 +361,6 @@
"product_name": "Apache HTTP Server",
"version": {
"version_data": [
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.16"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.15"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.14"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.13"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.12"
- },
{
"version_name": "2.2",
"version_affected": "=",
@@ -526,19 +546,24 @@
"references": {},
"timeline": [
{
- "time": "2013-03-05",
+ "time": "2011-12-30",
"lang": "eng",
"value": "reported"
},
{
- "time": "2018-03-21",
+ "time": "2012-01-11",
"lang": "eng",
"value": "public"
},
{
- "time": "2018-03-21",
+ "time": "2012-01-31",
"lang": "eng",
- "value": "2.4.33 released"
+ "value": "2.2.22 released"
+ },
+ {
+ "time": "2013-07-22",
+ "lang": "eng",
+ "value": "2.0.65 released"
}
],
"CNA_private": {
@@ -548,9 +573,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2018-03-21",
- "ID": "CVE-2018-1312",
- "TITLE": "Weak Digest auth nonce generation in mod_auth_digest"
+ "DATE_PUBLIC": "2012-01-11",
+ "ID": "CVE-2012-0031",
+ "TITLE": "scoreboard parent DoS"
},
"source": {
"defect": [],
@@ -563,7 +588,7 @@
"description": [
{
"lang": "eng",
- "value": "Weak Digest auth nonce generation in mod_auth_digest"
+ "value": "scoreboard parent DoS"
}
]
}
@@ -572,14 +597,14 @@
"credit": [
{
"lang": "eng",
- "value": "The issue was discovered by Nicolas Daniels."
+ "value": "This issue was reported by halfdog"
}
],
"description": {
"description_data": [
{
"lang": "eng",
- "value": "When generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed across servers by an attacker without detection."
+ "value": "A flaw was found in the handling of the scoreboard. An unprivileged child process could cause the parent process to crash at shutdown rather than terminate cleanly."
}
]
},
@@ -600,99 +625,224 @@
"version": {
"version_data": [
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.29"
+ "version_value": "2.2.21"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.28"
+ "version_value": "2.2.20"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.27"
+ "version_value": "2.2.19"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.26"
+ "version_value": "2.2.18"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.25"
+ "version_value": "2.2.17"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.23"
+ "version_value": "2.2.16"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.20"
+ "version_value": "2.2.15"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.18"
+ "version_value": "2.2.14"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.17"
+ "version_value": "2.2.13"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.16"
+ "version_value": "2.2.12"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.12"
+ "version_value": "2.2.11"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.10"
+ "version_value": "2.2.10"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.9"
+ "version_value": "2.2.9"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.7"
+ "version_value": "2.2.8"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.6"
+ "version_value": "2.2.6"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.4"
+ "version_value": "2.2.5"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.3"
+ "version_value": "2.2.4"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.2"
+ "version_value": "2.2.3"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.1"
+ "version_value": "2.2.2"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.0"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.64"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.63"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.61"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.59"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.58"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.55"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.54"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.53"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.52"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.51"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.50"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.49"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.48"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.47"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.46"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.45"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.44"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.43"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.42"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.40"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.39"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.37"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.36"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.35"
}
]
}
@@ -704,93 +854,6 @@
}
}
},
- {
- "CVE_data_meta": {
- "ASSIGNER": "security@apache.org",
- "ID": "CVE-2021-34798",
- "STATE": "READY",
- "TITLE": "NULL pointer dereference in httpd core"
- },
- "affects": {
- "vendor": {
- "vendor_data": [
- {
- "product": {
- "product_data": [
- {
- "product_name": "Apache HTTP Server",
- "version": {
- "version_data": [
- {
- "version_affected": "<=",
- "version_name": "Apache HTTP Server 2.4",
- "version_value": "2.4.48"
- }
- ]
- }
- }
- ]
- },
- "vendor_name": "Apache Software Foundation"
- }
- ]
- }
- },
- "credit": [
- {
- "lang": "eng",
- "value": "The issue was discovered by the Apache HTTP security team"
- }
- ],
- "data_format": "MITRE",
- "data_type": "CVE",
- "data_version": "4.0",
- "description": {
- "description_data": [
- {
- "lang": "eng",
- "value": "Malformed requests may cause the server to dereference a NULL pointer.\n\n\nThis issue affects Apache HTTP Server 2.4.48 and earlier."
- }
- ]
- },
- "generator": {
- "engine": "Vulnogram 0.0.9"
- },
- "impact": [
- {
- "other": "moderate"
- }
- ],
- "problemtype": {
- "problemtype_data": [
- {
- "description": [
- {
- "lang": "eng",
- "value": "CWE-476 NULL Pointer Dereference"
- }
- ]
- }
- ]
- },
- "references": {
- "reference_data": [
- {
- "refsource": "CONFIRM"
- }
- ]
- },
- "source": {
- "discovery": "UNKNOWN"
- },
- "timeline": [
- {
- "lang": "eng",
- "time": "2021-09-16",
- "value": "2.4.49 released"
- }
- ]
- },
{
"data_type": "CVE",
"data_format": "MITRE",
@@ -801,24 +864,19 @@
"references": {},
"timeline": [
{
- "time": "2013-09-06",
+ "time": "2009-08-05",
"lang": "eng",
"value": "reported"
},
{
- "time": "2013-10-19",
+ "time": "2009-09-23",
"lang": "eng",
"value": "public"
},
{
- "time": "2015-01-30",
- "lang": "eng",
- "value": "2.4.12 released"
- },
- {
- "time": "2014-09-03",
+ "time": "2009-10-05",
"lang": "eng",
- "value": "2.2.29 released"
+ "value": "2.2.14 released"
}
],
"CNA_private": {
@@ -828,9 +886,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2013-10-19",
- "ID": "CVE-2013-5704",
- "TITLE": "HTTP Trailers processing bypass"
+ "DATE_PUBLIC": "2009-09-23",
+ "ID": "CVE-2009-2699",
+ "TITLE": "Solaris pollset DoS"
},
"source": {
"defect": [],
@@ -843,29 +901,23 @@
"description": [
{
"lang": "eng",
- "value": "HTTP Trailers processing bypass"
+ "value": "Solaris pollset DoS"
}
]
}
]
},
- "credit": [
- {
- "lang": "eng",
- "value": "This issue was reported by Martin Holst Swende."
- }
- ],
"description": {
"description_data": [
{
"lang": "eng",
- "value": "HTTP trailers could be used to replace HTTP headers late during request processing, potentially undoing or otherwise confusing modules that examined or modified request headers earlier. This fix adds the \"MergeTrailers\" directive to restore legacy behavior."
+ "value": "Faulty error handling was found affecting Solaris pollset support (Event Port backend) caused by a bug in APR. A remote attacker could trigger this issue on Solaris servers which used prefork or event MPMs, resulting in a denial of service."
}
]
},
"impact": [
{
- "other": "low"
+ "other": "moderate"
}
],
"affects": {
@@ -880,169 +932,59 @@
"version": {
"version_data": [
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.10"
+ "version_value": "2.2.13"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.9"
+ "version_value": "2.2.12"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.7"
+ "version_value": "2.2.11"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.6"
+ "version_value": "2.2.10"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.4"
+ "version_value": "2.2.9"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.3"
+ "version_value": "2.2.8"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.2"
+ "version_value": "2.2.6"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.1"
+ "version_value": "2.2.5"
},
{
"version_name": "2.2",
"version_affected": "=",
- "version_value": "2.2.27"
+ "version_value": "2.2.4"
},
{
"version_name": "2.2",
"version_affected": "=",
- "version_value": "2.2.26"
+ "version_value": "2.2.3"
},
{
"version_name": "2.2",
"version_affected": "=",
- "version_value": "2.2.25"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.24"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.23"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.22"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.21"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.20"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.19"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.18"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.17"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.16"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.15"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.14"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.13"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.12"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.11"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.10"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.9"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.8"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.6"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.5"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.4"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.3"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.2"
+ "version_value": "2.2.2"
},
{
"version_name": "2.2",
@@ -1069,19 +1011,19 @@
"references": {},
"timeline": [
{
- "time": "2005-08-30",
+ "time": "2019-12-05",
"lang": "eng",
"value": "reported"
},
{
- "time": "2005-08-30",
+ "time": "2020-04-01",
"lang": "eng",
"value": "public"
},
{
- "time": "2005-10-14",
+ "time": "2020-04-01",
"lang": "eng",
- "value": "2.0.55 released"
+ "value": "2.4.42 released"
}
],
"CNA_private": {
@@ -1091,9 +1033,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2005-08-30",
- "ID": "CVE-2005-2700",
- "TITLE": "SSLVerifyClient bypass"
+ "DATE_PUBLIC": "2020-04-01",
+ "ID": "CVE-2020-1927",
+ "TITLE": "mod_rewrite CWE-601 open redirect"
},
"source": {
"defect": [],
@@ -1106,23 +1048,29 @@
"description": [
{
"lang": "eng",
- "value": "SSLVerifyClient bypass"
+ "value": "mod_rewrite CWE-601 open redirect"
}
]
}
]
},
+ "credit": [
+ {
+ "lang": "eng",
+ "value": "The issue was discovered by Fabrice Perez"
+ }
+ ],
"description": {
"description_data": [
{
"lang": "eng",
- "value": "A flaw in the mod_ssl handling of the \"SSLVerifyClient\" directive. This flaw would occur if a virtual host has been configured using \"SSLVerifyClient optional\" and further a directive \"SSLVerifyClient required\" is set for a specific location. For servers configured in this fashion, an attacker may be able to access resources that should otherwise be protected, by not supplying a client certificate when connecting."
+ "value": "In Apache HTTP Server versions 2.4.0 to 2.4.41 some mod_rewrite configurations vulnerable to open redirect."
}
]
},
"impact": [
{
- "other": "important"
+ "other": "low"
}
],
"affects": {
@@ -1137,94 +1085,149 @@
"version": {
"version_data": [
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.54"
+ "version_value": "2.4.41"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.53"
+ "version_value": "2.4.40"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.52"
+ "version_value": "2.4.39"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.51"
+ "version_value": "2.4.38"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.50"
+ "version_value": "2.4.37"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.49"
+ "version_value": "2.4.35"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.48"
+ "version_value": "2.4.34"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.47"
+ "version_value": "2.4.33"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.46"
+ "version_value": "2.4.30"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.45"
+ "version_value": "2.4.29"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.44"
+ "version_value": "2.4.28"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.43"
+ "version_value": "2.4.27"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.42"
+ "version_value": "2.4.26"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.40"
+ "version_value": "2.4.25"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.39"
+ "version_value": "2.4.23"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.37"
+ "version_value": "2.4.20"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.36"
+ "version_value": "2.4.18"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.35"
+ "version_value": "2.4.17"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.16"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.12"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.10"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.9"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.7"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.6"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.4"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.3"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.2"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.1"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.0"
}
]
}
@@ -1246,14 +1249,19 @@
"references": {},
"timeline": [
{
- "time": "2002-04-22",
+ "time": "2013-08-05",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2015-06-09",
"lang": "eng",
"value": "public"
},
{
- "time": "2002-05-08",
+ "time": "2015-07-15",
"lang": "eng",
- "value": "2.0.36 released"
+ "value": "2.4.16 released"
}
],
"CNA_private": {
@@ -1263,9 +1271,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2002-04-22",
- "ID": "CVE-2002-1592",
- "TITLE": "Warning messages could be displayed to users"
+ "DATE_PUBLIC": "2015-06-09",
+ "ID": "CVE-2015-3185",
+ "TITLE": "ap_some_auth_required API unusable"
},
"source": {
"defect": [],
@@ -1278,17 +1286,23 @@
"description": [
{
"lang": "eng",
- "value": "Warning messages could be displayed to users"
+ "value": "ap_some_auth_required API unusable"
}
]
}
]
},
+ "credit": [
+ {
+ "lang": "eng",
+ "value": "This issue was reported by Ben Reser."
+ }
+ ],
"description": {
"description_data": [
{
"lang": "eng",
- "value": "In some cases warning messages could get returned to end users in addition to being recorded in the error log. This could reveal the path to a CGI script for example, a minor security exposure."
+ "value": "A design error in the \"ap_some_auth_required\" function renders the API unusuable in httpd 2.4.x. In particular the API is documented to answering if the request required authentication but only answers if there are Require lines in the applicable configuration. Since 2.4.x Require lines are used for authorization as well and can appear in configurations even when no authentication is required and the request is entirely unrestricted. This could lead to mod [...]
}
]
},
@@ -1309,9 +1323,59 @@
"version": {
"version_data": [
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.35"
+ "version_value": "2.4.12"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.10"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.9"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.7"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.6"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.5"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.4"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.3"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.2"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.1"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.0"
}
]
}
@@ -1323,6 +1387,93 @@
}
}
},
+ {
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "ID": "CVE-2021-40438",
+ "STATE": "READY",
+ "TITLE": "mod_proxy SSRF"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "Apache HTTP Server 2.4",
+ "version_value": "2.4.48"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "Apache Software Foundation"
+ }
+ ]
+ }
+ },
+ "credit": [
+ {
+ "lang": "eng",
+ "value": "The issue was discovered by the Apache HTTP security team while analysing CVE-2021-36160"
+ }
+ ],
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user.\n\nThis issue affects Apache HTTP Server 2.4.48 and earlier."
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.0.9"
+ },
+ "impact": [
+ {
+ "other": "important"
+ }
+ ],
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-918 Server Side Request Forgery (SSRF)"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "CONFIRM"
+ }
+ ]
+ },
+ "source": {
+ "discovery": "UNKNOWN"
+ },
+ "timeline": [
+ {
+ "lang": "eng",
+ "time": "2021-09-16",
+ "value": "2.4.49 released"
+ }
+ ]
+ },
{
"data_type": "CVE",
"data_format": "MITRE",
@@ -1333,29 +1484,9 @@
"references": {},
"timeline": [
{
- "time": "2007-12-15",
- "lang": "eng",
- "value": "reported"
- },
- {
- "time": "2008-01-02",
- "lang": "eng",
- "value": "public"
- },
- {
- "time": "2008-01-19",
- "lang": "eng",
- "value": "2.2.8 released"
- },
- {
- "time": "2008-01-19",
- "lang": "eng",
- "value": "2.0.63 released"
- },
- {
- "time": "2008-01-19",
+ "time": "2005-10-14",
"lang": "eng",
- "value": "1.3.41 released"
+ "value": "2.0.55 released"
}
],
"CNA_private": {
@@ -1365,9 +1496,8 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2008-01-02",
- "ID": "CVE-2007-6388",
- "TITLE": "mod_status XSS"
+ "ID": "CVE-2005-2970",
+ "TITLE": "Worker MPM memory leak"
},
"source": {
"defect": [],
@@ -1380,7 +1510,7 @@
"description": [
{
"lang": "eng",
- "value": "mod_status XSS"
+ "value": "Worker MPM memory leak"
}
]
}
@@ -1390,13 +1520,13 @@
"description_data": [
{
"lang": "eng",
- "value": "A flaw was found in the mod_status module. On sites where mod_status is enabled and the status pages were publicly accessible, a cross-site scripting attack is possible. Note that the server-status page is not enabled by default and it is best practice to not make this publicly available."
+ "value": "A memory leak in the worker MPM would allow remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections. This issue was downgraded in severity to low (from moderate) as sucessful exploitation of the race condition would be difficult."
}
]
},
"impact": [
{
- "other": "moderate"
+ "other": "low"
}
],
"affects": {
@@ -1411,269 +1541,89 @@
"version": {
"version_data": [
{
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.6"
- },
- {
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.5"
+ "version_value": "2.0.54"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.4"
+ "version_value": "2.0.53"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.3"
+ "version_value": "2.0.52"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.2"
+ "version_value": "2.0.51"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.0"
+ "version_value": "2.0.50"
},
{
"version_name": "2.0",
"version_affected": "=",
- "version_value": "2.0.61"
+ "version_value": "2.0.49"
},
{
"version_name": "2.0",
"version_affected": "=",
- "version_value": "2.0.59"
+ "version_value": "2.0.48"
},
{
"version_name": "2.0",
"version_affected": "=",
- "version_value": "2.0.58"
+ "version_value": "2.0.47"
},
{
"version_name": "2.0",
"version_affected": "=",
- "version_value": "2.0.55"
+ "version_value": "2.0.46"
},
{
"version_name": "2.0",
"version_affected": "=",
- "version_value": "2.0.54"
+ "version_value": "2.0.45"
},
{
"version_name": "2.0",
"version_affected": "=",
- "version_value": "2.0.53"
+ "version_value": "2.0.44"
},
{
"version_name": "2.0",
"version_affected": "=",
- "version_value": "2.0.52"
+ "version_value": "2.0.43"
},
{
"version_name": "2.0",
"version_affected": "=",
- "version_value": "2.0.51"
+ "version_value": "2.0.42"
},
{
"version_name": "2.0",
"version_affected": "=",
- "version_value": "2.0.50"
+ "version_value": "2.0.40"
},
{
"version_name": "2.0",
"version_affected": "=",
- "version_value": "2.0.49"
+ "version_value": "2.0.39"
},
{
"version_name": "2.0",
"version_affected": "=",
- "version_value": "2.0.48"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.47"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.46"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.45"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.44"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.43"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.42"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.40"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.39"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.37"
+ "version_value": "2.0.37"
},
{
"version_name": "2.0",
"version_affected": "=",
"version_value": "2.0.36"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.35"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.39"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.37"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.36"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.35"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.34"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.33"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.32"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.31"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.29"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.28"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.27"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.26"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.24"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.22"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.20"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.19"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.17"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.14"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.12"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.11"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.9"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.6"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.4"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.3"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.2"
}
]
}
@@ -1695,19 +1645,9 @@
"references": {},
"timeline": [
{
- "time": "2019-01-29",
- "lang": "eng",
- "value": "reported"
- },
- {
- "time": "2019-04-01",
- "lang": "eng",
- "value": "public"
- },
- {
- "time": "2019-04-01",
+ "time": "2001-02-28",
"lang": "eng",
- "value": "2.4.39 released"
+ "value": "1.3.19 released"
}
],
"CNA_private": {
@@ -1717,9 +1657,8 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2019-04-01",
- "ID": "CVE-2019-0197",
- "TITLE": "mod_http2, possible crash on late upgrade"
+ "ID": "CVE-2001-0925",
+ "TITLE": "Requests can cause directory listing to be displayed"
},
"source": {
"defect": [],
@@ -1732,29 +1671,23 @@
"description": [
{
"lang": "eng",
- "value": "mod_http2, possible crash on late upgrade"
+ "value": "Requests can cause directory listing to be displayed"
}
]
}
]
},
- "credit": [
- {
- "lang": "eng",
- "value": "The issue was discovered by Stefan Eissing, greenbytes.de."
- }
- ],
"description": {
"description_data": [
{
"lang": "eng",
- "value": "When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. A server that never enabled the h2 protocol or that only enabled it for https: and did not configure the \"H2Upgrade on\" is unaffected by this."
+ "value": "The default installation can lead mod_negotiation and mod_dir or mod_autoindex to display a directory listing instead of the multiview index.html file if a very long path was created artificially by using many slashes."
}
]
},
"impact": [
{
- "other": "low"
+ "other": "important"
}
],
"affects": {
@@ -1769,24 +1702,24 @@
"version": {
"version_data": [
{
- "version_name": "2.4",
+ "version_name": "1.3",
"version_affected": "=",
- "version_value": "2.4.38"
+ "version_value": "1.3.17"
},
{
- "version_name": "2.4",
+ "version_name": "1.3",
"version_affected": "=",
- "version_value": "2.4.37"
+ "version_value": "1.3.14"
},
{
- "version_name": "2.4",
+ "version_name": "1.3",
"version_affected": "=",
- "version_value": "2.4.35"
+ "version_value": "1.3.12"
},
{
- "version_name": "2.4",
+ "version_name": "1.3",
"version_affected": "=",
- "version_value": "2.4.34"
+ "version_value": "1.3.11"
}
]
}
@@ -1798,234 +1731,6 @@
}
}
},
- {
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
- "generator": {
- "engine": "Vulnogram 0.0.9"
- },
- "CVE_data_meta": {
- "ID": "CVE-2022-29404",
- "ASSIGNER": "security@apache.org",
- "DATE_PUBLIC": "",
- "TITLE": "Denial of service in mod_lua r:parsebody",
- "AKA": "",
- "STATE": "REVIEW"
- },
- "source": {
- "defect": [],
- "advisory": "",
- "discovery": "UNKNOWN"
- },
- "affects": {
- "vendor": {
- "vendor_data": [
- {
- "vendor_name": "Apache Software Foundation",
- "product": {
- "product_data": [
- {
- "product_name": "Apache HTTP Server",
- "version": {
- "version_data": [
- {
- "version_name": "",
- "version_affected": "<=",
- "version_value": "2.4.53",
- "platform": ""
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- },
- "problemtype": {
- "problemtype_data": [
- {
- "description": [
- {
- "lang": "eng",
- "value": "CWE-770: Allocation of Resources Without Limits or Throttling"
- }
- ]
- }
- ]
- },
- "description": {
- "description_data": [
- {
- "value": "In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size.",
- "lang": "eng"
- }
- ]
- },
- "references": {
- "reference_data": [
- {
- "refsource": "CONFIRM",
- "url": "",
- "name": ""
- }
- ]
- },
- "configuration": [],
- "impact": [
- {
- "other": "low"
- }
- ],
- "exploit": [],
- "work_around": [],
- "solution": [],
- "credit": [
- {
- "lang": "eng",
- "value": "The Apache HTTP Server project would like to thank Ronald Crane (Zippenhop LLC) for reporting this issue"
- }
- ],
- "CNA_private": {
- "owner": "httpd",
- "publish": {
- "ym": "",
- "year": "",
- "month": ""
- },
- "share_with_CVE": true,
- "CVE_table_description": [],
- "CVE_list": [],
- "internal_comments": "",
- "todo": [],
- "emailed": "",
- "userslist": "",
- "email": ""
- },
- "timeline": [
- {
- "lang": "eng",
- "time": "2022-06-08",
- "value": "2.4.54 released"
- }
- ]
- },
- {
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
- "generator": {
- "engine": "Vulnogram 0.0.9"
- },
- "CVE_data_meta": {
- "ID": "CVE-2022-28615",
- "ASSIGNER": "security@apache.org",
- "DATE_PUBLIC": "",
- "TITLE": "Read beyond bounds in ap_strcmp_match()",
- "AKA": "",
- "STATE": "REVIEW"
- },
- "source": {
- "defect": [],
- "advisory": "",
- "discovery": "UNKNOWN"
- },
- "affects": {
- "vendor": {
- "vendor_data": [
- {
- "vendor_name": "Apache Software Foundation",
- "product": {
- "product_data": [
- {
- "product_name": "Apache HTTP Server",
- "version": {
- "version_data": [
- {
- "version_name": "Apache HTTP Server",
- "version_affected": "<=",
- "version_value": "2.4.53",
- "platform": ""
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- },
- "problemtype": {
- "problemtype_data": [
- {
- "description": [
- {
- "lang": "eng",
- "value": "CWE-190 Integer Overflow or Wraparound"
- }
- ]
- }
- ]
- },
- "description": {
- "description_data": [
- {
- "value": "Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use ap_strcmp_match() may hypothetically be affected.",
- "lang": "eng"
- }
- ]
- },
- "references": {
- "reference_data": [
- {
- "refsource": "CONFIRM",
- "url": "",
- "name": ""
- }
- ]
- },
- "configuration": [],
- "impact": [
- {
- "other": "low"
- }
- ],
- "exploit": [],
- "work_around": [],
- "solution": [],
- "credit": [
- {
- "lang": "eng",
- "value": "The Apache HTTP Server project would like to thank Ronald Crane (Zippenhop LLC) for reporting this issue"
- }
- ],
- "CNA_private": {
- "owner": "httpd",
- "publish": {
- "ym": "",
- "year": "",
- "month": ""
- },
- "share_with_CVE": true,
- "CVE_table_description": [],
- "CVE_list": [],
- "internal_comments": "",
- "todo": [],
- "emailed": "",
- "userslist": "",
- "email": ""
- },
- "timeline": [
- {
- "lang": "eng",
- "time": "2022-06-08",
- "value": "2.4.54 released"
- }
- ]
- },
{
"data_type": "CVE",
"data_format": "MITRE",
@@ -2036,19 +1741,19 @@
"references": {},
"timeline": [
{
- "time": "2019-03-26",
+ "time": "2018-10-16",
"lang": "eng",
"value": "reported"
},
{
- "time": "2019-08-14",
+ "time": "2019-01-22",
"lang": "eng",
"value": "public"
},
{
- "time": "2019-08-14",
+ "time": "2019-02-28",
"lang": "eng",
- "value": "2.4.41 released"
+ "value": "2.4.38 released"
}
],
"CNA_private": {
@@ -2058,9 +1763,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2019-08-14",
- "ID": "CVE-2019-10098",
- "TITLE": "mod_rewrite potential open redirect"
+ "DATE_PUBLIC": "2019-01-22",
+ "ID": "CVE-2018-17189",
+ "TITLE": "DoS for HTTP/2 connections via slow request bodies"
},
"source": {
"defect": [],
@@ -2073,7 +1778,7 @@
"description": [
{
"lang": "eng",
- "value": "mod_rewrite potential open redirect"
+ "value": "DoS for HTTP/2 connections via slow request bodies"
}
]
}
@@ -2082,14 +1787,14 @@
"credit": [
{
"lang": "eng",
- "value": "The issue was discovered by Yukitsugu Sasaki"
+ "value": "The issue was discovered by Gal Goldshtein of F5 Networks."
}
],
"description": {
"description_data": [
{
"lang": "eng",
- "value": "Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL."
+ "value": "By sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol."
}
]
},
@@ -2109,16 +1814,6 @@
"product_name": "Apache HTTP Server",
"version": {
"version_data": [
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.39"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.38"
- },
{
"version_name": "2.4",
"version_affected": "=",
@@ -2188,61 +1883,6 @@
"version_name": "2.4",
"version_affected": "=",
"version_value": "2.4.17"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.16"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.12"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.10"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.9"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.7"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.6"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.4"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.3"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.2"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.1"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.0"
}
]
}
@@ -2264,19 +1904,19 @@
"references": {},
"timeline": [
{
- "time": "2013-05-29",
+ "time": "2003-06-25",
"lang": "eng",
"value": "reported"
},
{
- "time": "2013-07-22",
+ "time": "2003-07-09",
"lang": "eng",
"value": "public"
},
{
- "time": "2013-07-22",
+ "time": "2003-07-09",
"lang": "eng",
- "value": "2.4.6 released"
+ "value": "2.0.47 released"
}
],
"CNA_private": {
@@ -2286,9 +1926,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2013-07-22",
- "ID": "CVE-2013-2249",
- "TITLE": "mod_session_dbd session fixation flaw"
+ "DATE_PUBLIC": "2003-07-09",
+ "ID": "CVE-2003-0253",
+ "TITLE": "Remote DoS with multiple Listen directives"
},
"source": {
"defect": [],
@@ -2301,29 +1941,23 @@
"description": [
{
"lang": "eng",
- "value": "mod_session_dbd session fixation flaw"
+ "value": "Remote DoS with multiple Listen directives"
}
]
}
]
},
- "credit": [
- {
- "lang": "eng",
- "value": "This issue was reported by Takashi Sato"
- }
- ],
"description": {
"description_data": [
{
"lang": "eng",
- "value": "A flaw in mod_session_dbd caused it to proceed with save operations for a session without considering the dirty flag and the requirement for a new session ID."
+ "value": "In a server with multiple listening sockets a certain error returned by accept() on a rarely access port can cause a temporary denial of service, due to a bug in the prefork MPM."
}
]
},
"impact": [
{
- "other": "moderate"
+ "other": "important"
}
],
"affects": {
@@ -2338,24 +1972,54 @@
"version": {
"version_data": [
{
- "version_name": "2.4",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.4.4"
+ "version_value": "2.0.46"
},
{
- "version_name": "2.4",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.4.3"
+ "version_value": "2.0.45"
},
{
- "version_name": "2.4",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.4.2"
+ "version_value": "2.0.44"
},
{
- "version_name": "2.4",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.4.1"
+ "version_value": "2.0.43"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.42"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.40"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.39"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.37"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.36"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.35"
}
]
}
@@ -2377,24 +2041,19 @@
"references": {},
"timeline": [
{
- "time": "2016-02-10",
+ "time": "2019-02-22",
"lang": "eng",
"value": "reported"
},
{
- "time": "2016-12-20",
+ "time": "2019-04-01",
"lang": "eng",
"value": "public"
},
{
- "time": "2016-12-20",
- "lang": "eng",
- "value": "2.4.25 released"
- },
- {
- "time": "2017-01-13",
+ "time": "2019-04-01",
"lang": "eng",
- "value": "2.2.32 released"
+ "value": "2.4.39 released"
}
],
"CNA_private": {
@@ -2404,9 +2063,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2016-12-20",
- "ID": "CVE-2016-8743",
- "TITLE": "Apache HTTP Request Parsing Whitespace Defects"
+ "DATE_PUBLIC": "2019-04-01",
+ "ID": "CVE-2019-0211",
+ "TITLE": "Apache HTTP Server privilege escalation from modules' scripts"
},
"source": {
"defect": [],
@@ -2419,7 +2078,7 @@
"description": [
{
"lang": "eng",
- "value": "Apache HTTP Request Parsing Whitespace Defects"
+ "value": "Apache HTTP Server privilege escalation from modules' scripts"
}
]
}
@@ -2428,14 +2087,14 @@
"credit": [
{
"lang": "eng",
- "value": "We would like to thank David Dennerline at IBM Security's X-Force Researchers as well as R\u00e9gis Leroy for each reporting this issue."
+ "value": "The issue was discovered by Charles Fol."
}
],
"description": {
"description_data": [
{
"lang": "eng",
- "value": "Apache HTTP Server, prior to release 2.4.25 (and 2.2.32), accepted a broad pattern of unusual whitespace patterns from the user-agent, including bare CR, FF, VTAB in parsing the request line and request header lines, as well as HTAB in parsing the request line. Any bare CR present in request lines was treated as whitespace and remained in the request field member \"the_request\", while a bare CR in the request header field name would be honored as whitespace [...]
+ "value": "In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected."
}
]
},
@@ -2458,212 +2117,77 @@
{
"version_name": "2.4",
"version_affected": "=",
- "version_value": "2.4.23"
+ "version_value": "2.4.38"
},
{
"version_name": "2.4",
"version_affected": "=",
- "version_value": "2.4.20"
+ "version_value": "2.4.37"
},
{
"version_name": "2.4",
"version_affected": "=",
- "version_value": "2.4.18"
+ "version_value": "2.4.35"
},
{
"version_name": "2.4",
"version_affected": "=",
- "version_value": "2.4.17"
+ "version_value": "2.4.34"
},
{
"version_name": "2.4",
"version_affected": "=",
- "version_value": "2.4.16"
+ "version_value": "2.4.33"
},
{
"version_name": "2.4",
"version_affected": "=",
- "version_value": "2.4.12"
+ "version_value": "2.4.30"
},
{
"version_name": "2.4",
"version_affected": "=",
- "version_value": "2.4.10"
+ "version_value": "2.4.29"
},
{
"version_name": "2.4",
"version_affected": "=",
- "version_value": "2.4.9"
+ "version_value": "2.4.28"
},
{
"version_name": "2.4",
"version_affected": "=",
- "version_value": "2.4.7"
+ "version_value": "2.4.27"
},
{
"version_name": "2.4",
"version_affected": "=",
- "version_value": "2.4.6"
+ "version_value": "2.4.26"
},
{
"version_name": "2.4",
"version_affected": "=",
- "version_value": "2.4.4"
+ "version_value": "2.4.25"
},
{
"version_name": "2.4",
"version_affected": "=",
- "version_value": "2.4.3"
+ "version_value": "2.4.23"
},
{
"version_name": "2.4",
"version_affected": "=",
- "version_value": "2.4.2"
+ "version_value": "2.4.20"
},
{
"version_name": "2.4",
"version_affected": "=",
- "version_value": "2.4.1"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.31"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.29"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.27"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.26"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.25"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.24"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.23"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.22"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.21"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.20"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.19"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.18"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.17"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.16"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.15"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.14"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.13"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.12"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.11"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.10"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.9"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.8"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.6"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.5"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.4"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.3"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.2"
+ "version_value": "2.4.18"
},
{
- "version_name": "2.2",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.2.0"
+ "version_value": "2.4.17"
}
]
}
@@ -2685,19 +2209,24 @@
"references": {},
"timeline": [
{
- "time": "2009-06-06",
+ "time": "2002-09-20",
"lang": "eng",
"value": "reported"
},
{
- "time": "2009-06-01",
+ "time": "2002-10-02",
"lang": "eng",
"value": "public"
},
{
- "time": "2009-07-27",
+ "time": "2002-10-03",
"lang": "eng",
- "value": "2.2.12 released"
+ "value": "2.0.43 released"
+ },
+ {
+ "time": "2002-10-03",
+ "lang": "eng",
+ "value": "1.3.27 released"
}
],
"CNA_private": {
@@ -2707,9 +2236,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2009-06-01",
- "ID": "CVE-2009-1955",
- "TITLE": "APR-util XML DoS"
+ "DATE_PUBLIC": "2002-10-02",
+ "ID": "CVE-2002-0840",
+ "TITLE": "Error page XSS using wildcard DNS"
},
"source": {
"defect": [],
@@ -2722,7 +2251,7 @@
"description": [
{
"lang": "eng",
- "value": "APR-util XML DoS"
+ "value": "Error page XSS using wildcard DNS"
}
]
}
@@ -2732,13 +2261,13 @@
"description_data": [
{
"lang": "eng",
- "value": "A denial of service flaw was found in the bundled copy of the APR-util library Extensible Markup Language (XML) parser. A remote attacker could create a specially-crafted XML document that would cause excessive memory consumption when processed by the XML decoding engine."
+ "value": "Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is \"Off\" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header."
}
]
},
"impact": [
{
- "other": "moderate"
+ "other": "low"
}
],
"affects": {
@@ -2753,222 +2282,114 @@
"version": {
"version_data": [
{
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.11"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.10"
- },
- {
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.9"
+ "version_value": "2.0.42"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.8"
+ "version_value": "2.0.40"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.6"
+ "version_value": "2.0.39"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.5"
+ "version_value": "2.0.37"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.4"
+ "version_value": "2.0.36"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.3"
+ "version_value": "2.0.35"
},
{
- "version_name": "2.2",
+ "version_name": "1.3",
"version_affected": "=",
- "version_value": "2.2.2"
+ "version_value": "1.3.26"
},
{
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.0"
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- }
- },
- {
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
- "generator": {
- "engine": "xmltojsonmjc 1.0"
- },
- "references": {},
- "timeline": [
- {
- "time": "2019-02-22",
- "lang": "eng",
- "value": "reported"
- },
- {
- "time": "2019-04-01",
- "lang": "eng",
- "value": "public"
- },
- {
- "time": "2019-04-01",
- "lang": "eng",
- "value": "2.4.39 released"
- }
- ],
- "CNA_private": {
- "owner": "httpd"
- },
- "CVE_data_meta": {
- "ASSIGNER": "security@apache.org",
- "AKA": "",
- "STATE": "PUBLIC",
- "DATE_PUBLIC": "2019-04-01",
- "ID": "CVE-2019-0211",
- "TITLE": "Apache HTTP Server privilege escalation from modules' scripts"
- },
- "source": {
- "defect": [],
- "advisory": "",
- "discovery": "UNKNOWN"
- },
- "problemtype": {
- "problemtype_data": [
- {
- "description": [
- {
- "lang": "eng",
- "value": "Apache HTTP Server privilege escalation from modules' scripts"
- }
- ]
- }
- ]
- },
- "credit": [
- {
- "lang": "eng",
- "value": "The issue was discovered by Charles Fol."
- }
- ],
- "description": {
- "description_data": [
- {
- "lang": "eng",
- "value": "In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected."
- }
- ]
- },
- "impact": [
- {
- "other": "important"
- }
- ],
- "affects": {
- "vendor": {
- "vendor_data": [
- {
- "vendor_name": "Apache Software Foundation",
- "product": {
- "product_data": [
- {
- "product_name": "Apache HTTP Server",
- "version": {
- "version_data": [
- {
- "version_name": "2.4",
+ "version_name": "1.3",
"version_affected": "=",
- "version_value": "2.4.38"
+ "version_value": "1.3.24"
},
{
- "version_name": "2.4",
+ "version_name": "1.3",
"version_affected": "=",
- "version_value": "2.4.37"
+ "version_value": "1.3.22"
},
{
- "version_name": "2.4",
+ "version_name": "1.3",
"version_affected": "=",
- "version_value": "2.4.35"
+ "version_value": "1.3.20"
},
{
- "version_name": "2.4",
+ "version_name": "1.3",
"version_affected": "=",
- "version_value": "2.4.34"
+ "version_value": "1.3.19"
},
{
- "version_name": "2.4",
+ "version_name": "1.3",
"version_affected": "=",
- "version_value": "2.4.33"
+ "version_value": "1.3.17"
},
{
- "version_name": "2.4",
+ "version_name": "1.3",
"version_affected": "=",
- "version_value": "2.4.30"
+ "version_value": "1.3.14"
},
{
- "version_name": "2.4",
+ "version_name": "1.3",
"version_affected": "=",
- "version_value": "2.4.29"
+ "version_value": "1.3.12"
},
{
- "version_name": "2.4",
+ "version_name": "1.3",
"version_affected": "=",
- "version_value": "2.4.28"
+ "version_value": "1.3.11"
},
{
- "version_name": "2.4",
+ "version_name": "1.3",
"version_affected": "=",
- "version_value": "2.4.27"
+ "version_value": "1.3.9"
},
{
- "version_name": "2.4",
+ "version_name": "1.3",
"version_affected": "=",
- "version_value": "2.4.26"
+ "version_value": "1.3.6"
},
{
- "version_name": "2.4",
+ "version_name": "1.3",
"version_affected": "=",
- "version_value": "2.4.25"
+ "version_value": "1.3.4"
},
{
- "version_name": "2.4",
+ "version_name": "1.3",
"version_affected": "=",
- "version_value": "2.4.23"
+ "version_value": "1.3.3"
},
{
- "version_name": "2.4",
+ "version_name": "1.3",
"version_affected": "=",
- "version_value": "2.4.20"
+ "version_value": "1.3.2"
},
{
- "version_name": "2.4",
+ "version_name": "1.3",
"version_affected": "=",
- "version_value": "2.4.18"
+ "version_value": "1.3.1"
},
{
- "version_name": "2.4",
+ "version_name": "1.3",
"version_affected": "=",
- "version_value": "2.4.17"
+ "version_value": "1.3.0"
}
]
}
@@ -2985,11 +2406,301 @@
"data_format": "MITRE",
"data_version": "4.0",
"generator": {
- "engine": "xmltojsonmjc 1.0"
+ "engine": "Vulnogram 0.0.9"
},
- "references": {},
- "timeline": [
- {
+ "CVE_data_meta": {
+ "ID": "CVE-2021-31618",
+ "ASSIGNER": "security@apache.org",
+ "DATE_PUBLIC": "2021-06-01",
+ "TITLE": "NULL pointer dereference on specially crafted HTTP/2 request",
+ "AKA": "",
+ "STATE": "DRAFT"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "",
+ "version_affected": "=",
+ "version_value": "2.4.47",
+ "platform": ""
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-476 NULL Pointer Dereference"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "value": "Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and HTTP response is sent to the client with a status code indicating why the request was rejected.\n\nThis rejection response was not fully initialised in the HTTP/2 protocol handler if the offending header was the very first one rece [...]
+ "lang": "eng"
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "CONFIRM",
+ "url": "",
+ "name": ""
+ }
+ ]
+ },
+ "configuration": [],
+ "impact": [
+ {
+ "other": "important"
+ }
+ ],
+ "exploit": [],
+ "work_around": [
+ {
+ "lang": "eng",
+ "value": "On unpatched servers, the `h2` protocol can be disabled by removing it from the `Protocols` configuration. If the `h2` protocol is not enabled, the server is not affected by this vulnerability."
+ }
+ ],
+ "solution": [],
+ "credit": [
+ {
+ "lang": "eng",
+ "value": "Apache HTTP server would like to thank LI ZHI XIN from NSFoucs for reporting this."
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd",
+ "publish": {
+ "ym": "",
+ "year": "",
+ "month": ""
+ },
+ "share_with_CVE": true,
+ "CVE_table_description": [],
+ "CVE_list": [],
+ "internal_comments": "",
+ "todo": [],
+ "email": ""
+ },
+ "timeline": [
+ {
+ "time": "2021-04-22",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2021-06-01",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2021-06-01",
+ "lang": "eng",
+ "value": "2.4.48 released"
+ }
+ ]
+ },
+ {
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2019-04-10",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2019-08-14",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2019-08-14",
+ "lang": "eng",
+ "value": "2.4.41 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2019-08-14",
+ "ID": "CVE-2019-9517",
+ "TITLE": "mod_http2, DoS attack by exhausting h2 workers."
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "mod_http2, DoS attack by exhausting h2 workers."
+ }
+ ]
+ }
+ ]
+ },
+ "credit": [
+ {
+ "lang": "eng",
+ "value": "The issue was discovered by Jonathan Looney of Netflix."
+ }
+ ],
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "A malicious client could perform a DoS attack by flooding a connection with requests and basically never reading responses on the TCP connection. Depending on h2 worker dimensioning, it was possible to block those with relatively few connections."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "moderate"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.39"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.38"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.37"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.35"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.34"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.33"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.32"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.29"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.28"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.27"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.26"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.25"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.23"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.20"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ },
+ {
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
"time": "2018-01-23",
"lang": "eng",
"value": "reported"
@@ -3128,29 +2839,24 @@
"references": {},
"timeline": [
{
- "time": "2007-10-23",
+ "time": "2016-02-10",
"lang": "eng",
"value": "reported"
},
{
- "time": "2007-12-11",
+ "time": "2016-12-20",
"lang": "eng",
"value": "public"
},
{
- "time": "2008-01-19",
- "lang": "eng",
- "value": "2.2.8 released"
- },
- {
- "time": "2008-01-19",
+ "time": "2016-12-20",
"lang": "eng",
- "value": "2.0.63 released"
+ "value": "2.4.25 released"
},
{
- "time": "2008-01-19",
+ "time": "2017-01-13",
"lang": "eng",
- "value": "1.3.41 released"
+ "value": "2.2.32 released"
}
],
"CNA_private": {
@@ -3160,9 +2866,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2007-12-11",
- "ID": "CVE-2007-5000",
- "TITLE": "mod_imagemap XSS"
+ "DATE_PUBLIC": "2016-12-20",
+ "ID": "CVE-2016-8743",
+ "TITLE": "Apache HTTP Request Parsing Whitespace Defects"
},
"source": {
"defect": [],
@@ -3175,23 +2881,29 @@
"description": [
{
"lang": "eng",
- "value": "mod_imagemap XSS"
+ "value": "Apache HTTP Request Parsing Whitespace Defects"
}
]
}
]
},
+ "credit": [
+ {
+ "lang": "eng",
+ "value": "We would like to thank David Dennerline at IBM Security's X-Force Researchers as well as R\u00e9gis Leroy for each reporting this issue."
+ }
+ ],
"description": {
"description_data": [
{
"lang": "eng",
- "value": "A flaw was found in the mod_imagemap module. On sites where mod_imagemap is enabled and an imagemap file is publicly available, a cross-site scripting attack is possible."
+ "value": "Apache HTTP Server, prior to release 2.4.25 (and 2.2.32), accepted a broad pattern of unusual whitespace patterns from the user-agent, including bare CR, FF, VTAB in parsing the request line and request header lines, as well as HTAB in parsing the request line. Any bare CR present in request lines was treated as whitespace and remained in the request field member \"the_request\", while a bare CR in the request header field name would be honored as whitespace [...]
}
]
},
"impact": [
{
- "other": "moderate"
+ "other": "important"
}
],
"affects": {
@@ -3206,279 +2918,377 @@
"version": {
"version_data": [
{
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.6"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.5"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.4"
- },
- {
- "version_name": "2.2",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.2.3"
+ "version_value": "2.4.23"
},
{
- "version_name": "2.2",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.2.2"
+ "version_value": "2.4.20"
},
{
- "version_name": "2.2",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.2.0"
+ "version_value": "2.4.18"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.61"
+ "version_value": "2.4.17"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.59"
+ "version_value": "2.4.16"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.58"
+ "version_value": "2.4.12"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.55"
+ "version_value": "2.4.10"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.54"
+ "version_value": "2.4.9"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.53"
+ "version_value": "2.4.7"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.52"
+ "version_value": "2.4.6"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.51"
+ "version_value": "2.4.4"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.50"
+ "version_value": "2.4.3"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.49"
+ "version_value": "2.4.2"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.48"
+ "version_value": "2.4.1"
},
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.47"
+ "version_value": "2.2.31"
},
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.46"
+ "version_value": "2.2.29"
},
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.45"
+ "version_value": "2.2.27"
},
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.44"
+ "version_value": "2.2.26"
},
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.43"
+ "version_value": "2.2.25"
},
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.42"
+ "version_value": "2.2.24"
},
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.40"
+ "version_value": "2.2.23"
},
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.39"
+ "version_value": "2.2.22"
},
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.37"
+ "version_value": "2.2.21"
},
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.36"
+ "version_value": "2.2.20"
},
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.35"
+ "version_value": "2.2.19"
},
{
- "version_name": "1.3",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "1.3.39"
+ "version_value": "2.2.18"
},
{
- "version_name": "1.3",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "1.3.37"
+ "version_value": "2.2.17"
},
{
- "version_name": "1.3",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "1.3.36"
+ "version_value": "2.2.16"
},
{
- "version_name": "1.3",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "1.3.35"
+ "version_value": "2.2.15"
},
{
- "version_name": "1.3",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "1.3.34"
+ "version_value": "2.2.14"
},
{
- "version_name": "1.3",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "1.3.33"
+ "version_value": "2.2.13"
},
{
- "version_name": "1.3",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "1.3.32"
+ "version_value": "2.2.12"
},
{
- "version_name": "1.3",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "1.3.31"
+ "version_value": "2.2.11"
},
{
- "version_name": "1.3",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "1.3.29"
+ "version_value": "2.2.10"
},
{
- "version_name": "1.3",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "1.3.28"
+ "version_value": "2.2.9"
},
{
- "version_name": "1.3",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "1.3.27"
+ "version_value": "2.2.8"
},
{
- "version_name": "1.3",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "1.3.26"
+ "version_value": "2.2.6"
},
{
- "version_name": "1.3",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "1.3.24"
+ "version_value": "2.2.5"
},
{
- "version_name": "1.3",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "1.3.22"
+ "version_value": "2.2.4"
},
{
- "version_name": "1.3",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "1.3.20"
+ "version_value": "2.2.3"
},
{
- "version_name": "1.3",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "1.3.19"
+ "version_value": "2.2.2"
},
{
- "version_name": "1.3",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "1.3.17"
- },
- {
- "version_name": "1.3",
+ "version_value": "2.2.0"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ },
+ {
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2016-10-13",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2020-08-07",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2020-08-07",
+ "lang": "eng",
+ "value": "2.4.25 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2020-08-07",
+ "ID": "CVE-2020-11985",
+ "TITLE": "IP address spoofing when proxying using mod_remoteip and mod_rewrite"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "IP address spoofing when proxying using mod_remoteip and mod_rewrite"
+ }
+ ]
+ }
+ ]
+ },
+ "credit": [
+ {
+ "lang": "eng",
+ "value": ""
+ }
+ ],
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "For configurations using proxying with mod_remoteip and certain mod_rewrite rules, an attacker could spoof their IP address for logging and PHP scripts. Note this issue was fixed in Apache HTTP Server 2.4.24 but was retrospectively allocated a low severity CVE in 2020."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "low"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "1.3.14"
+ "version_value": "2.4.23"
},
{
- "version_name": "1.3",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "1.3.12"
+ "version_value": "2.4.20"
},
{
- "version_name": "1.3",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "1.3.11"
+ "version_value": "2.4.18"
},
{
- "version_name": "1.3",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "1.3.9"
+ "version_value": "2.4.17"
},
{
- "version_name": "1.3",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "1.3.6"
+ "version_value": "2.4.16"
},
{
- "version_name": "1.3",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "1.3.4"
+ "version_value": "2.4.12"
},
{
- "version_name": "1.3",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "1.3.3"
+ "version_value": "2.4.10"
},
{
- "version_name": "1.3",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "1.3.2"
+ "version_value": "2.4.9"
},
{
- "version_name": "1.3",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "1.3.1"
+ "version_value": "2.4.7"
},
{
- "version_name": "1.3",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "1.3.0"
+ "version_value": "2.4.6"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.4"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.3"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.2"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.1"
}
]
}
@@ -3500,7 +3310,134 @@
"references": {},
"timeline": [
{
- "time": "2005-06-11",
+ "time": "2004-04-02",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2004-04-02",
+ "lang": "eng",
+ "value": "2.0.45 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2004-04-02",
+ "ID": "CVE-2003-0132",
+ "TITLE": "Line feed memory leak DoS"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "Line feed memory leak DoS"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Apache 2.0 versions before Apache 2.0.45 had a significant Denial of Service vulnerability. Remote attackers could cause a denial of service (memory consumption) via large chunks of linefeed characters, which causes Apache to allocate 80 bytes for each linefeed."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "important"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.44"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.43"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.42"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.40"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.39"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.37"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.36"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.35"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ },
+ {
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2005-07-07",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2005-07-07",
"lang": "eng",
"value": "public"
},
@@ -3517,9 +3454,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2005-06-11",
- "ID": "CVE-2005-2088",
- "TITLE": "HTTP Request Spoofing"
+ "DATE_PUBLIC": "2005-07-07",
+ "ID": "CVE-2005-2728",
+ "TITLE": "Byterange filter DoS"
},
"source": {
"defect": [],
@@ -3532,7 +3469,7 @@
"description": [
{
"lang": "eng",
- "value": "HTTP Request Spoofing"
+ "value": "Byterange filter DoS"
}
]
}
@@ -3542,7 +3479,7 @@
"description_data": [
{
"lang": "eng",
- "value": "A flaw occured when using the Apache server as a HTTP proxy. A remote attacker could send a HTTP request with both a \"Transfer-Encoding: chunked\" header and a Content-Length header, causing Apache to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request. This could allow the bypass of web application firewall protection or lead to cross-site scripting (XSS) attacks."
+ "value": "A flaw in the byterange filter would cause some responses to be buffered into memory. If a server has a dynamic resource such as a CGI script or PHP script which generates a large amount of data, an attacker could send carefully crafted requests in order to consume resources, potentially leading to a Denial of Service."
}
]
},
@@ -3672,19 +3609,19 @@
"references": {},
"timeline": [
{
- "time": "2007-04-26",
+ "time": "2009-03-05",
"lang": "eng",
"value": "reported"
},
{
- "time": "2007-06-01",
+ "time": "2009-04-21",
"lang": "eng",
"value": "public"
},
{
- "time": "2007-09-07",
+ "time": "2009-07-27",
"lang": "eng",
- "value": "2.2.6 released"
+ "value": "2.2.12 released"
}
],
"CNA_private": {
@@ -3694,9 +3631,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2007-06-01",
- "ID": "CVE-2007-1862",
- "TITLE": "mod_cache information leak"
+ "DATE_PUBLIC": "2009-04-21",
+ "ID": "CVE-2009-1191",
+ "TITLE": "mod_proxy_ajp information disclosure"
},
"source": {
"defect": [],
@@ -3709,7 +3646,7 @@
"description": [
{
"lang": "eng",
- "value": "mod_cache information leak"
+ "value": "mod_proxy_ajp information disclosure"
}
]
}
@@ -3719,13 +3656,13 @@
"description_data": [
{
"lang": "eng",
- "value": "The recall_headers function in mod_mem_cache in Apache 2.2.4 did not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously used data, which could be used by remote attackers to obtain potentially sensitive information."
+ "value": "An information disclosure flaw was found in mod_proxy_ajp in version 2.2.11 only. In certain situations, if a user sent a carefully crafted HTTP request, the server could return a response intended for another user."
}
]
},
"impact": [
{
- "other": "moderate"
+ "other": "important"
}
],
"affects": {
@@ -3742,7 +3679,7 @@
{
"version_name": "2.2",
"version_affected": "=",
- "version_value": "2.2.4"
+ "version_value": "2.2.11"
}
]
}
@@ -3764,19 +3701,19 @@
"references": {},
"timeline": [
{
- "time": "2021-02-08",
+ "time": "2018-07-18",
"lang": "eng",
"value": "reported"
},
{
- "time": "2021-06-01",
+ "time": "2018-09-25",
"lang": "eng",
"value": "public"
},
{
- "time": "2021-06-01",
+ "time": "2018-09-29",
"lang": "eng",
- "value": "2.4.48 released"
+ "value": "2.4.35 released"
}
],
"CNA_private": {
@@ -3786,9 +3723,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2021-06-01",
- "ID": "CVE-2021-26690",
- "TITLE": "mod_session NULL pointer dereference"
+ "DATE_PUBLIC": "2018-09-25",
+ "ID": "CVE-2018-11763",
+ "TITLE": "DoS for HTTP/2 connections by continuous SETTINGS"
},
"source": {
"defect": [],
@@ -3801,7 +3738,7 @@
"description": [
{
"lang": "eng",
- "value": "mod_session NULL pointer dereference"
+ "value": "DoS for HTTP/2 connections by continuous SETTINGS"
}
]
}
@@ -3810,14 +3747,14 @@
"credit": [
{
"lang": "eng",
- "value": "This issue was discovered and reported by GHSL team member @antonio-morales (Antonio Morales)"
+ "value": "The issue was discovered by Gal Goldshtein of F5 Networks."
}
],
"description": {
"description_data": [
{
"lang": "eng",
- "value": "Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service"
+ "value": "By sending continous SETTINGS frames of maximum size an ongoing HTTP/2 connection could be kept busy and would never time out. This can be abused for a DoS on the server. This only affect a server that has enabled the h2 protocol."
}
]
},
@@ -3840,47 +3777,17 @@
{
"version_name": "2.4",
"version_affected": "=",
- "version_value": "2.4.46"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.43"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.41"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.39"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.38"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.37"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.35"
+ "version_value": "2.4.34"
},
{
"version_name": "2.4",
"version_affected": "=",
- "version_value": "2.4.34"
+ "version_value": "2.4.33"
},
{
"version_name": "2.4",
"version_affected": "=",
- "version_value": "2.4.33"
+ "version_value": "2.4.30"
},
{
"version_name": "2.4",
@@ -3921,66 +3828,6 @@
"version_name": "2.4",
"version_affected": "=",
"version_value": "2.4.18"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.17"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.16"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.12"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.10"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.9"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.7"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.6"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.4"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.3"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.2"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.1"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.0"
}
]
}
@@ -4002,19 +3849,19 @@
"references": {},
"timeline": [
{
- "time": "2009-12-30",
+ "time": "2004-07-07",
"lang": "eng",
"value": "reported"
},
{
- "time": "2010-01-27",
+ "time": "2004-07-07",
"lang": "eng",
"value": "public"
},
{
- "time": "2010-02-03",
+ "time": "2004-09-15",
"lang": "eng",
- "value": "1.3.42 released"
+ "value": "2.0.51 released"
}
],
"CNA_private": {
@@ -4024,9 +3871,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2010-01-27",
- "ID": "CVE-2010-0010",
- "TITLE": "mod_proxy overflow on 64-bit systems"
+ "DATE_PUBLIC": "2004-07-07",
+ "ID": "CVE-2004-0748",
+ "TITLE": "SSL connection infinite loop"
},
"source": {
"defect": [],
@@ -4039,7 +3886,7 @@
"description": [
{
"lang": "eng",
- "value": "mod_proxy overflow on 64-bit systems"
+ "value": "SSL connection infinite loop"
}
]
}
@@ -4049,13 +3896,13 @@
"description_data": [
{
"lang": "eng",
- "value": "An incorrect conversion between numeric types flaw was found in the mod_proxy module which affects some 64-bit architecture systems. A malicious HTTP server to which requests are being proxied could use this flaw to trigger a heap buffer overflow in an httpd child process via a carefully crafted response."
+ "value": "An issue was discovered in the mod_ssl module in Apache 2.0. A remote attacker who forces an SSL connection to be aborted in a particular state may cause an Apache child process to enter an infinite loop, consuming CPU resources."
}
]
},
"impact": [
{
- "other": "moderate"
+ "other": "important"
}
],
"affects": {
@@ -4070,134 +3917,74 @@
"version": {
"version_data": [
{
- "version_name": "1.3",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "1.3.41"
+ "version_value": "2.0.50"
},
{
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.39"
+ "version_name": "2.0",
+ "version_affected": "?=",
+ "version_value": "2.0.49"
},
{
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.37"
+ "version_name": "2.0",
+ "version_affected": "?=",
+ "version_value": "2.0.48"
},
{
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.36"
+ "version_name": "2.0",
+ "version_affected": "?=",
+ "version_value": "2.0.47"
},
{
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.35"
+ "version_name": "2.0",
+ "version_affected": "?=",
+ "version_value": "2.0.46"
},
{
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.34"
+ "version_name": "2.0",
+ "version_affected": "?=",
+ "version_value": "2.0.45"
},
{
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.33"
+ "version_name": "2.0",
+ "version_affected": "?=",
+ "version_value": "2.0.44"
},
{
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.32"
+ "version_name": "2.0",
+ "version_affected": "?=",
+ "version_value": "2.0.43"
},
{
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.31"
+ "version_name": "2.0",
+ "version_affected": "?=",
+ "version_value": "2.0.42"
},
{
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.29"
+ "version_name": "2.0",
+ "version_affected": "?=",
+ "version_value": "2.0.40"
},
{
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.28"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.27"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.26"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.24"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.22"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.20"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.19"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.17"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.14"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.12"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.11"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.9"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.6"
+ "version_name": "2.0",
+ "version_affected": "?=",
+ "version_value": "2.0.39"
},
{
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.4"
+ "version_name": "2.0",
+ "version_affected": "?=",
+ "version_value": "2.0.37"
},
{
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.3"
+ "version_name": "2.0",
+ "version_affected": "?=",
+ "version_value": "2.0.36"
},
{
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.2"
+ "version_name": "2.0",
+ "version_affected": "?=",
+ "version_value": "2.0.35"
}
]
}
@@ -4209,6 +3996,120 @@
}
}
},
+ {
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "Vulnogram 0.0.9"
+ },
+ "CVE_data_meta": {
+ "ID": "CVE-2022-31813",
+ "ASSIGNER": "security@apache.org",
+ "DATE_PUBLIC": "",
+ "TITLE": "mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism",
+ "AKA": "",
+ "STATE": "REVIEW"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "Apache HTTP Server 2.4",
+ "version_affected": "<=",
+ "version_value": "2.4.53",
+ "platform": ""
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-348 Use of Less Trusted Source"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "value": "Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism.\nThis may be used to bypass IP based authentication on the origin server/application.",
+ "lang": "eng"
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "CONFIRM",
+ "url": "",
+ "name": ""
+ }
+ ]
+ },
+ "configuration": [],
+ "impact": [
+ {
+ "other": "low"
+ }
+ ],
+ "exploit": [],
+ "work_around": [],
+ "solution": [],
+ "credit": [
+ {
+ "lang": "eng",
+ "value": "The Apache HTTP Server project would like to thank Gaetan Ferry (Synacktiv) for reporting this issue"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd",
+ "publish": {
+ "ym": "",
+ "year": "",
+ "month": ""
+ },
+ "share_with_CVE": true,
+ "CVE_table_description": [],
+ "CVE_list": [],
+ "internal_comments": "",
+ "todo": [],
+ "emailed": "",
+ "userslist": "",
+ "email": ""
+ },
+ "timeline": [
+ {
+ "lang": "eng",
+ "time": "2022-06-08",
+ "value": "2.4.54 released"
+ }
+ ]
+ },
{
"data_type": "CVE",
"data_format": "MITRE",
@@ -4219,19 +4120,19 @@
"references": {},
"timeline": [
{
- "time": "2003-12-18",
+ "time": "2019-01-29",
"lang": "eng",
"value": "reported"
},
{
- "time": "2003-12-18",
+ "time": "2019-04-01",
"lang": "eng",
"value": "public"
},
{
- "time": "2004-05-12",
+ "time": "2019-04-01",
"lang": "eng",
- "value": "1.3.31 released"
+ "value": "2.4.39 released"
}
],
"CNA_private": {
@@ -4241,9 +4142,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2003-12-18",
- "ID": "CVE-2003-0987",
- "TITLE": "mod_digest nonce checking"
+ "DATE_PUBLIC": "2019-04-01",
+ "ID": "CVE-2019-0197",
+ "TITLE": "mod_http2, possible crash on late upgrade"
},
"source": {
"defect": [],
@@ -4256,17 +4157,23 @@
"description": [
{
"lang": "eng",
- "value": "mod_digest nonce checking"
+ "value": "mod_http2, possible crash on late upgrade"
}
]
}
]
},
+ "credit": [
+ {
+ "lang": "eng",
+ "value": "The issue was discovered by Stefan Eissing, greenbytes.de."
+ }
+ ],
"description": {
"description_data": [
{
"lang": "eng",
- "value": "mod_digest does not properly verify the nonce of a client response by using a AuthNonce secret. This could allow a malicious user who is able to sniff network traffic to conduct a replay attack against a website using Digest protection. Note that mod_digest implements an older version of the MD5 Digest Authentication specification which is known not to work with modern browsers. This issue does not affect mod_auth_digest."
+ "value": "When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. A server that never enabled the h2 protocol or that only enabled it for https: and did not configure the \"H2Upgrade on\" is unaffected by this."
}
]
},
@@ -4287,99 +4194,24 @@
"version": {
"version_data": [
{
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.29"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.28"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.27"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.26"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.24"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.22"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.20"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.19"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.17"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.14"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.12"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.11"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.9"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.6"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.4"
- },
- {
- "version_name": "1.3",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "1.3.3"
+ "version_value": "2.4.38"
},
{
- "version_name": "1.3",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "1.3.2"
+ "version_value": "2.4.37"
},
{
- "version_name": "1.3",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "1.3.1"
+ "version_value": "2.4.35"
},
{
- "version_name": "1.3",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "1.3.0"
+ "version_value": "2.4.34"
}
]
}
@@ -4391,120 +4223,6 @@
}
}
},
- {
- "CVE_data_meta": {
- "ASSIGNER": "security@apache.org",
- "ID": "CVE-2021-42013",
- "STATE": "REVIEW",
- "TITLE": "Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)"
- },
- "affects": {
- "vendor": {
- "vendor_data": [
- {
- "product": {
- "product_data": [
- {
- "product_name": "Apache HTTP Server",
- "version": {
- "version_data": [
- {
- "version_affected": "=",
- "version_name": "Apache HTTP Server",
- "version_value": "2.4.49"
- },
- {
- "version_affected": "=",
- "version_name": "Apache HTTP Server",
- "version_value": "2.4.50"
- }
- ]
- }
- }
- ]
- },
- "vendor_name": "Apache Software Foundation"
- }
- ]
- }
- },
- "credit": [
- {
- "lang": "eng",
- "value": "Reported by Juan Escobar from Dreamlab Technologies"
- },
- {
- "lang": "eng",
- "value": "Reported by Fernando Mu\u00f1oz from NULL Life CTF Team"
- },
- {
- "lang": "eng",
- "value": "Reported by Shungo Kumasaka"
- },
- {
- "lang": "eng",
- "value": "Reported by Nattapon Jongcharoen"
- }
- ],
- "data_format": "MITRE",
- "data_type": "CVE",
- "data_version": "4.0",
- "description": {
- "description_data": [
- {
- "lang": "eng",
- "value": "It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. \n\nIf files outside of these directories are not protected by the usual default configuration \"require all denied\", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code ex [...]
- }
- ]
- },
- "generator": {
- "engine": "Vulnogram 0.0.9"
- },
- "impact": [
- {
- "other": "critical"
- }
- ],
- "problemtype": {
- "problemtype_data": [
- {
- "description": [
- {
- "lang": "eng",
- "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"
- }
- ]
- }
- ]
- },
- "references": {
- "reference_data": [
- {
- "refsource": "CONFIRM"
- }
- ]
- },
- "source": {
- "discovery": "UNKNOWN"
- },
- "timeline": [
- {
- "lang": "eng",
- "time": "2021-10-06",
- "value": "reported"
- },
- {
- "time": "2021-10-07",
- "lang": "eng",
- "value": "fixed by r1893977, r1893980, r1893982 in 2.4.x"
- },
- {
- "lang": "eng",
- "time": "2021-10-07",
- "value": "2.4.51 released"
- }
- ]
- },
{
"data_type": "CVE",
"data_format": "MITRE",
@@ -4515,24 +4233,24 @@
"references": {},
"timeline": [
{
- "time": "2014-06-16",
+ "time": "2009-12-18",
"lang": "eng",
"value": "reported"
},
{
- "time": "2014-07-14",
+ "time": "2009-12-02",
"lang": "eng",
"value": "public"
},
{
- "time": "2014-07-15",
+ "time": "2010-10-19",
"lang": "eng",
- "value": "2.4.10 released"
+ "value": "2.2.17 released"
},
{
- "time": "2014-09-03",
+ "time": "2010-10-19",
"lang": "eng",
- "value": "2.2.29 released"
+ "value": "2.0.64 released"
}
],
"CNA_private": {
@@ -4542,9 +4260,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2014-07-14",
- "ID": "CVE-2014-0231",
- "TITLE": "mod_cgid denial of service"
+ "DATE_PUBLIC": "2009-12-02",
+ "ID": "CVE-2009-3560",
+ "TITLE": "expat DoS"
},
"source": {
"defect": [],
@@ -4557,29 +4275,23 @@
"description": [
{
"lang": "eng",
- "value": "mod_cgid denial of service"
+ "value": "expat DoS"
}
]
}
]
},
- "credit": [
- {
- "lang": "eng",
- "value": "This issue was reported by Rainer Jung of the ASF"
- }
- ],
"description": {
"description_data": [
{
"lang": "eng",
- "value": "A flaw was found in mod_cgid. If a server using mod_cgid hosted CGI scripts which did not consume standard input, a remote attacker could cause child processes to hang indefinitely, leading to denial of service."
+ "value": "A buffer over-read flaw was found in the bundled expat library. An attacker who is able to get Apache to parse an untrused XML document (for example through mod_dav) may be able to cause a crash. This crash would only be a denial of service if using the worker MPM."
}
]
},
"impact": [
{
- "other": "important"
+ "other": "low"
}
],
"affects": {
@@ -4594,169 +4306,194 @@
"version": {
"version_data": [
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.9"
+ "version_value": "2.2.16"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.7"
+ "version_value": "2.2.15"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.6"
+ "version_value": "2.2.14"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.4"
+ "version_value": "2.2.13"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.3"
+ "version_value": "2.2.12"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.2"
+ "version_value": "2.2.11"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.1"
+ "version_value": "2.2.10"
},
{
"version_name": "2.2",
"version_affected": "=",
- "version_value": "2.2.27"
+ "version_value": "2.2.9"
},
{
"version_name": "2.2",
"version_affected": "=",
- "version_value": "2.2.26"
+ "version_value": "2.2.8"
},
{
"version_name": "2.2",
"version_affected": "=",
- "version_value": "2.2.25"
+ "version_value": "2.2.6"
},
{
"version_name": "2.2",
"version_affected": "=",
- "version_value": "2.2.24"
+ "version_value": "2.2.5"
},
{
"version_name": "2.2",
"version_affected": "=",
- "version_value": "2.2.23"
+ "version_value": "2.2.4"
},
{
"version_name": "2.2",
"version_affected": "=",
- "version_value": "2.2.22"
+ "version_value": "2.2.3"
},
{
"version_name": "2.2",
"version_affected": "=",
- "version_value": "2.2.21"
+ "version_value": "2.2.2"
},
{
"version_name": "2.2",
"version_affected": "=",
- "version_value": "2.2.20"
+ "version_value": "2.2.0"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.19"
+ "version_value": "2.0.63"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.18"
+ "version_value": "2.0.61"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.17"
+ "version_value": "2.0.59"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.16"
+ "version_value": "2.0.58"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.15"
+ "version_value": "2.0.55"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.14"
+ "version_value": "2.0.54"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.13"
+ "version_value": "2.0.53"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.12"
+ "version_value": "2.0.52"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.11"
+ "version_value": "2.0.51"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.10"
+ "version_value": "2.0.50"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.9"
+ "version_value": "2.0.49"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.8"
+ "version_value": "2.0.48"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.6"
+ "version_value": "2.0.47"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.5"
+ "version_value": "2.0.46"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.4"
+ "version_value": "2.0.45"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.3"
+ "version_value": "2.0.44"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.2"
+ "version_value": "2.0.43"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.0"
+ "version_value": "2.0.42"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.40"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.39"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.37"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.36"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.35"
}
]
}
@@ -4768,6 +4505,120 @@
}
}
},
+ {
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "Vulnogram 0.0.9"
+ },
+ "CVE_data_meta": {
+ "ID": "CVE-2022-30556",
+ "ASSIGNER": "security@apache.org",
+ "DATE_PUBLIC": "",
+ "TITLE": "Information Disclosure in mod_lua with websockets",
+ "AKA": "",
+ "STATE": "REVIEW"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "",
+ "version_affected": "<=",
+ "version_value": "2.4.53",
+ "platform": ""
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "value": "Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the buffer.",
+ "lang": "eng"
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "CONFIRM",
+ "url": "",
+ "name": ""
+ }
+ ]
+ },
+ "configuration": [],
+ "impact": [
+ {
+ "other": "low"
+ }
+ ],
+ "exploit": [],
+ "work_around": [],
+ "solution": [],
+ "credit": [
+ {
+ "lang": "eng",
+ "value": "The Apache HTTP Server project would like to thank Ronald Crane (Zippenhop LLC) for reporting this issue"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd",
+ "publish": {
+ "ym": "",
+ "year": "",
+ "month": ""
+ },
+ "share_with_CVE": true,
+ "CVE_table_description": [],
+ "CVE_list": [],
+ "internal_comments": "",
+ "todo": [],
+ "emailed": "",
+ "userslist": "",
+ "email": ""
+ },
+ "timeline": [
+ {
+ "lang": "eng",
+ "time": "2022-06-08",
+ "value": "2.4.54 released"
+ }
+ ]
+ },
{
"data_type": "CVE",
"data_format": "MITRE",
@@ -4778,19 +4629,19 @@
"references": {},
"timeline": [
{
- "time": "2002-07-05",
+ "time": "2020-09-11",
"lang": "eng",
"value": "reported"
},
{
- "time": "2002-08-09",
+ "time": "2021-06-01",
"lang": "eng",
"value": "public"
},
{
- "time": "2002-08-09",
+ "time": "2021-06-01",
"lang": "eng",
- "value": "2.0.40 released"
+ "value": "2.4.48 released"
}
],
"CNA_private": {
@@ -4800,9 +4651,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2002-08-09",
- "ID": "CVE-2002-0654",
- "TITLE": "Path revealing exposures"
+ "DATE_PUBLIC": "2021-06-01",
+ "ID": "CVE-2020-13950",
+ "TITLE": "mod_proxy_http NULL pointer dereference"
},
"source": {
"defect": [],
@@ -4815,17 +4666,23 @@
"description": [
{
"lang": "eng",
- "value": "Path revealing exposures"
+ "value": "mod_proxy_http NULL pointer dereference"
}
]
}
]
},
+ "credit": [
+ {
+ "lang": "eng",
+ "value": "Reported by Marc Stern (<marc.stern approach.be>)"
+ }
+ ],
"description": {
"description_data": [
{
"lang": "eng",
- "value": "A path-revealing exposure was present in multiview type map negotiation (such as the default error documents) where a module would report the full path of the typemapped .var file when multiple documents or no documents could be served. Additionally a path-revealing exposure in cgi/cgid when Apache fails to invoke a script. The modules would report \"couldn't create child process /path-to-script/script.pl\" revealing the full path of the script."
+ "value": "Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be made to crash (NULL pointer dereference) with specially crafted requests using both Content-Length and Transfer-Encoding headers, leading to a Denial of Service"
}
]
},
@@ -4846,24 +4703,19 @@
"version": {
"version_data": [
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.39"
- },
- {
- "version_name": "2.0",
- "version_affected": "?=",
- "version_value": "2.0.37"
+ "version_value": "2.4.46"
},
{
- "version_name": "2.0",
- "version_affected": "?=",
- "version_value": "2.0.36"
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.43"
},
{
- "version_name": "2.0",
- "version_affected": "?=",
- "version_value": "2.0.35"
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.41"
}
]
}
@@ -4885,14 +4737,14 @@
"references": {},
"timeline": [
{
- "time": "2001-07-09",
+ "time": "2003-03-31",
"lang": "eng",
"value": "public"
},
{
- "time": "2001-10-12",
+ "time": "2003-05-28",
"lang": "eng",
- "value": "1.3.22 released"
+ "value": "2.0.46 released"
}
],
"CNA_private": {
@@ -4902,9 +4754,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2001-07-09",
- "ID": "CVE-2001-0731",
- "TITLE": "Multiviews can cause a directory listing to be displayed"
+ "DATE_PUBLIC": "2003-03-31",
+ "ID": "CVE-2003-0134",
+ "TITLE": "OS2 device name DoS"
},
"source": {
"defect": [],
@@ -4917,7 +4769,7 @@
"description": [
{
"lang": "eng",
- "value": "Multiviews can cause a directory listing to be displayed"
+ "value": "OS2 device name DoS"
}
]
}
@@ -4927,7 +4779,7 @@
"description_data": [
{
"lang": "eng",
- "value": "A vulnerability was found when Multiviews are used to negotiate the directory index. In some configurations, requesting a URI with a QUERY_STRING of M=D could return a directory listing rather than the expected index page."
+ "value": "Apache on OS2 up to and including Apache 2.0.45 have a Denial of Service vulnerability caused by device names."
}
]
},
@@ -4948,69 +4800,49 @@
"version": {
"version_data": [
{
- "version_name": "1.3",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "1.3.20"
- },
- {
- "version_name": "1.3",
- "version_affected": "?=",
- "version_value": "1.3.19"
- },
- {
- "version_name": "1.3",
- "version_affected": "?=",
- "version_value": "1.3.17"
- },
- {
- "version_name": "1.3",
- "version_affected": "?=",
- "version_value": "1.3.14"
- },
- {
- "version_name": "1.3",
- "version_affected": "?=",
- "version_value": "1.3.12"
+ "version_value": "2.0.45"
},
{
- "version_name": "1.3",
+ "version_name": "2.0",
"version_affected": "?=",
- "version_value": "1.3.11"
+ "version_value": "2.0.44"
},
{
- "version_name": "1.3",
+ "version_name": "2.0",
"version_affected": "?=",
- "version_value": "1.3.9"
+ "version_value": "2.0.43"
},
{
- "version_name": "1.3",
+ "version_name": "2.0",
"version_affected": "?=",
- "version_value": "1.3.6"
+ "version_value": "2.0.42"
},
{
- "version_name": "1.3",
+ "version_name": "2.0",
"version_affected": "?=",
- "version_value": "1.3.4"
+ "version_value": "2.0.40"
},
{
- "version_name": "1.3",
+ "version_name": "2.0",
"version_affected": "?=",
- "version_value": "1.3.3"
+ "version_value": "2.0.39"
},
{
- "version_name": "1.3",
+ "version_name": "2.0",
"version_affected": "?=",
- "version_value": "1.3.2"
+ "version_value": "2.0.37"
},
{
- "version_name": "1.3",
+ "version_name": "2.0",
"version_affected": "?=",
- "version_value": "1.3.1"
+ "version_value": "2.0.36"
},
{
- "version_name": "1.3",
+ "version_name": "2.0",
"version_affected": "?=",
- "version_value": "1.3.0"
+ "version_value": "2.0.35"
}
]
}
@@ -5032,24 +4864,19 @@
"references": {},
"timeline": [
{
- "time": "2008-05-29",
+ "time": "2009-04-24",
"lang": "eng",
"value": "reported"
},
{
- "time": "2008-06-10",
+ "time": "2009-04-24",
"lang": "eng",
"value": "public"
},
{
- "time": "2010-10-19",
- "lang": "eng",
- "value": "2.0.64 released"
- },
- {
- "time": "2008-06-14",
+ "time": "2009-07-27",
"lang": "eng",
- "value": "2.2.9 released"
+ "value": "2.2.12 released"
}
],
"CNA_private": {
@@ -5059,9 +4886,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2008-06-10",
- "ID": "CVE-2008-2364",
- "TITLE": "mod_proxy_http DoS"
+ "DATE_PUBLIC": "2009-04-24",
+ "ID": "CVE-2009-1956",
+ "TITLE": "APR-util off-by-one overflow"
},
"source": {
"defect": [],
@@ -5074,7 +4901,7 @@
"description": [
{
"lang": "eng",
- "value": "mod_proxy_http DoS"
+ "value": "APR-util off-by-one overflow"
}
]
}
@@ -5084,7 +4911,7 @@
"description_data": [
{
"lang": "eng",
- "value": "A flaw was found in the handling of excessive interim responses from an origin server when using mod_proxy_http. A remote attacker could cause a denial of service or high memory usage."
+ "value": "An off-by-one overflow flaw was found in the way the bundled copy of the APR-util library processed a variable list of arguments. An attacker could provide a specially-crafted string as input for the formatted output conversion routine, which could, on big-endian platforms, potentially lead to the disclosure of sensitive information or a denial of service."
}
]
},
@@ -5105,119 +4932,19 @@
"version": {
"version_data": [
{
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.63"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.61"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.59"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.58"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.55"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.54"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.53"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.52"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.51"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.50"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.49"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.48"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.47"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.46"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.45"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.44"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.43"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.42"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.40"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.39"
- },
- {
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.37"
+ "version_value": "2.2.11"
},
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.36"
+ "version_value": "2.2.10"
},
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.35"
+ "version_value": "2.2.9"
},
{
"version_name": "2.2",
@@ -5274,19 +5001,19 @@
"references": {},
"timeline": [
{
- "time": "2008-01-15",
+ "time": "2004-02-20",
"lang": "eng",
"value": "reported"
},
{
- "time": "2008-01-21",
+ "time": "2004-02-20",
"lang": "eng",
"value": "public"
},
{
- "time": "2009-07-27",
+ "time": "2004-03-19",
"lang": "eng",
- "value": "2.2.12 released"
+ "value": "2.0.49 released"
}
],
"CNA_private": {
@@ -5296,9 +5023,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2008-01-21",
- "ID": "CVE-2008-0456",
- "TITLE": "CRLF injection in mod_negotiation when untrusted uploads are supported"
+ "DATE_PUBLIC": "2004-02-20",
+ "ID": "CVE-2004-0113",
+ "TITLE": "mod_ssl memory leak"
},
"source": {
"defect": [],
@@ -5311,7 +5038,7 @@
"description": [
{
"lang": "eng",
- "value": "CRLF injection in mod_negotiation when untrusted uploads are supported"
+ "value": "mod_ssl memory leak"
}
]
}
@@ -5321,13 +5048,13 @@
"description_data": [
{
"lang": "eng",
- "value": "Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_negotiation and allow untrusted uploads to locations which have MultiViews enabled."
+ "value": "A memory leak in mod_ssl allows a remote denial of service attack against an SSL-enabled server by sending plain HTTP requests to the SSL port."
}
]
},
"impact": [
{
- "other": "low"
+ "other": "important"
}
],
"affects": {
@@ -5342,56 +5069,164 @@
"version": {
"version_data": [
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.11"
+ "version_value": "2.0.48"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.10"
+ "version_value": "2.0.47"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.9"
+ "version_value": "2.0.46"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.8"
+ "version_value": "2.0.45"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.6"
+ "version_value": "2.0.44"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.5"
+ "version_value": "2.0.43"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.4"
+ "version_value": "2.0.42"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.3"
+ "version_value": "2.0.40"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.2"
+ "version_value": "2.0.39"
},
{
- "version_name": "2.2",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.2.0"
- }
- ]
+ "version_value": "2.0.37"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.36"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.35"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ },
+ {
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2014-09-17",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2014-11-12",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2015-01-30",
+ "lang": "eng",
+ "value": "2.4.12 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2014-11-12",
+ "ID": "CVE-2014-3583",
+ "TITLE": "mod_proxy_fcgi out-of-bounds memory read"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "mod_proxy_fcgi out-of-bounds memory read"
+ }
+ ]
+ }
+ ]
+ },
+ "credit": [
+ {
+ "lang": "eng",
+ "value": "This issue was reported by Teguh P. Alko."
+ }
+ ],
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "An out-of-bounds memory read was found in mod_proxy_fcgi. A malicious FastCGI server could send a carefully crafted response which could lead to a crash when reading past the end of a heap memory or stack buffer. This issue affects version 2.4.10 only."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "low"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.10"
+ }
+ ]
}
}
]
@@ -5530,24 +5365,29 @@
"references": {},
"timeline": [
{
- "time": "2003-02-24",
+ "time": "2006-07-21",
"lang": "eng",
"value": "reported"
},
{
- "time": "2003-02-24",
+ "time": "2006-07-27",
"lang": "eng",
"value": "public"
},
{
- "time": "2004-04-02",
+ "time": "2006-07-27",
"lang": "eng",
- "value": "2.0.46 released"
+ "value": "2.2.3 released"
},
{
- "time": "2002-06-18",
+ "time": "2006-07-27",
"lang": "eng",
- "value": "1.3.26 released"
+ "value": "2.0.59 released"
+ },
+ {
+ "time": "2006-07-27",
+ "lang": "eng",
+ "value": "1.3.37 released"
}
],
"CNA_private": {
@@ -5557,9 +5397,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2003-02-24",
- "ID": "CVE-2003-0083",
- "TITLE": "Filtered escape sequences"
+ "DATE_PUBLIC": "2006-07-27",
+ "ID": "CVE-2006-3747",
+ "TITLE": "mod_rewrite off-by-one error"
},
"source": {
"defect": [],
@@ -5572,7 +5412,7 @@
"description": [
{
"lang": "eng",
- "value": "Filtered escape sequences"
+ "value": "mod_rewrite off-by-one error"
}
]
}
@@ -5582,13 +5422,13 @@
"description_data": [
{
"lang": "eng",
- "value": "Apache did not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences."
+ "value": "An off-by-one flaw exists in the Rewrite module, mod_rewrite. Depending on the manner in which Apache httpd was compiled, this software defect may result in a vulnerability which, in combination with certain types of Rewrite rules in the web server configuration files, could be triggered remotely. For vulnerable builds, the nature of the vulnerability can be denial of service (crashing of web server processes) or potentially allow arbitrary code execution."
}
]
},
"impact": [
{
- "other": "low"
+ "other": "important"
}
],
"affects": {
@@ -5603,124 +5443,109 @@
"version": {
"version_data": [
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.45"
+ "version_value": "2.2.2"
},
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.44"
+ "version_value": "2.2.0"
},
{
"version_name": "2.0",
"version_affected": "=",
- "version_value": "2.0.43"
+ "version_value": "2.0.58"
},
{
"version_name": "2.0",
"version_affected": "=",
- "version_value": "2.0.42"
+ "version_value": "2.0.55"
},
{
"version_name": "2.0",
"version_affected": "=",
- "version_value": "2.0.40"
+ "version_value": "2.0.54"
},
{
"version_name": "2.0",
"version_affected": "=",
- "version_value": "2.0.39"
+ "version_value": "2.0.53"
},
{
"version_name": "2.0",
"version_affected": "=",
- "version_value": "2.0.37"
+ "version_value": "2.0.52"
},
{
"version_name": "2.0",
"version_affected": "=",
- "version_value": "2.0.36"
+ "version_value": "2.0.51"
},
{
"version_name": "2.0",
"version_affected": "=",
- "version_value": "2.0.35"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.24"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.22"
- },
- {
- "version_name": "1.3",
- "version_affected": "=",
- "version_value": "1.3.20"
+ "version_value": "2.0.50"
},
{
- "version_name": "1.3",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "1.3.19"
+ "version_value": "2.0.49"
},
{
- "version_name": "1.3",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "1.3.17"
+ "version_value": "2.0.48"
},
{
- "version_name": "1.3",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "1.3.14"
+ "version_value": "2.0.47"
},
{
- "version_name": "1.3",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "1.3.12"
+ "version_value": "2.0.46"
},
{
"version_name": "1.3",
"version_affected": "=",
- "version_value": "1.3.11"
+ "version_value": "1.3.36"
},
{
"version_name": "1.3",
"version_affected": "=",
- "version_value": "1.3.9"
+ "version_value": "1.3.35"
},
{
"version_name": "1.3",
"version_affected": "=",
- "version_value": "1.3.6"
+ "version_value": "1.3.34"
},
{
"version_name": "1.3",
"version_affected": "=",
- "version_value": "1.3.4"
+ "version_value": "1.3.33"
},
{
"version_name": "1.3",
"version_affected": "=",
- "version_value": "1.3.3"
+ "version_value": "1.3.32"
},
{
"version_name": "1.3",
"version_affected": "=",
- "version_value": "1.3.2"
+ "version_value": "1.3.31"
},
{
"version_name": "1.3",
"version_affected": "=",
- "version_value": "1.3.1"
+ "version_value": "1.3.29"
},
{
"version_name": "1.3",
"version_affected": "=",
- "version_value": "1.3.0"
+ "version_value": "1.3.28"
}
]
}
@@ -5742,19 +5567,19 @@
"references": {},
"timeline": [
{
- "time": "2016-10-13",
+ "time": "2021-03-01",
"lang": "eng",
"value": "reported"
},
{
- "time": "2020-08-07",
+ "time": "2021-06-01",
"lang": "eng",
"value": "public"
},
{
- "time": "2020-08-07",
+ "time": "2021-06-01",
"lang": "eng",
- "value": "2.4.25 released"
+ "value": "2.4.48 released"
}
],
"CNA_private": {
@@ -5764,9 +5589,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2020-08-07",
- "ID": "CVE-2020-11985",
- "TITLE": "IP address spoofing when proxying using mod_remoteip and mod_rewrite"
+ "DATE_PUBLIC": "2021-06-01",
+ "ID": "CVE-2021-26691",
+ "TITLE": "mod_session response handling heap overflow"
},
"source": {
"defect": [],
@@ -5779,7 +5604,7 @@
"description": [
{
"lang": "eng",
- "value": "IP address spoofing when proxying using mod_remoteip and mod_rewrite"
+ "value": "mod_session response handling heap overflow"
}
]
}
@@ -5788,14 +5613,14 @@
"credit": [
{
"lang": "eng",
- "value": ""
+ "value": "Discovered internally Christophe Jaillet"
}
],
"description": {
"description_data": [
{
"lang": "eng",
- "value": "For configurations using proxying with mod_remoteip and certain mod_rewrite rules, an attacker could spoof their IP address for logging and PHP scripts. Note this issue was fixed in Apache HTTP Server 2.4.24 but was retrospectively allocated a low severity CVE in 2020."
+ "value": "Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted SessionHeader sent by an origin server could cause a heap overflow"
}
]
},
@@ -5815,6 +5640,76 @@
"product_name": "Apache HTTP Server",
"version": {
"version_data": [
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.46"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.43"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.41"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.39"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.38"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.37"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.35"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.34"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.33"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.29"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.28"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.27"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.26"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.25"
+ },
{
"version_name": "2.4",
"version_affected": "=",
@@ -5884,6 +5779,11 @@
"version_name": "2.4",
"version_affected": "=",
"version_value": "2.4.1"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.0"
}
]
}
@@ -5895,103 +5795,6 @@
}
}
},
- {
- "CVE_data_meta": {
- "ASSIGNER": "security@apache.org",
- "ID": "CVE-2022-22720",
- "STATE": "REVIEW",
- "TITLE": "HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier"
- },
- "affects": {
- "vendor": {
- "vendor_data": [
- {
- "product": {
- "product_data": [
- {
- "product_name": "Apache HTTP Server",
- "version": {
- "version_data": [
- {
- "version_affected": "<=",
- "version_name": "Apache HTTP Server 2.4",
- "version_value": "2.4.52"
- }
- ]
- }
- }
- ]
- },
- "vendor_name": "Apache Software Foundation"
- }
- ]
- }
- },
- "credit": [
- {
- "lang": "eng",
- "value": "James Kettle <james.kettle portswigger.net>"
- }
- ],
- "data_format": "MITRE",
- "data_type": "CVE",
- "data_version": "4.0",
- "description": {
- "description_data": [
- {
- "lang": "eng",
- "value": "Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling"
- }
- ]
- },
- "generator": {
- "engine": "Vulnogram 0.0.9"
- },
- "impact": [
- {
- "other": "important"
- }
- ],
- "problemtype": {
- "problemtype_data": [
- {
- "description": [
- {
- "lang": "eng",
- "value": "CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')"
- }
- ]
- }
- ]
- },
- "references": {
- "reference_data": [
- {
- "refsource": "CONFIRM"
- }
- ]
- },
- "source": {
- "discovery": "UNKNOWN"
- },
- "timeline": [
- {
- "lang": "eng",
- "time": "2021-12-17",
- "value": "Reported to security team"
- },
- {
- "lang": "eng",
- "time": "2022-03-07",
- "value": "fixed by r1898692 in 2.4.x"
- },
- {
- "lang": "eng",
- "time": "2022-03-14",
- "value": "2.4.53 released"
- }
- ]
- },
{
"data_type": "CVE",
"data_format": "MITRE",
@@ -6002,19 +5805,14 @@
"references": {},
"timeline": [
{
- "time": "2003-04-25",
- "lang": "eng",
- "value": "reported"
- },
- {
- "time": "2003-05-28",
+ "time": "2002-09-19",
"lang": "eng",
"value": "public"
},
{
- "time": "2003-05-28",
+ "time": "2002-09-24",
"lang": "eng",
- "value": "2.0.46 released"
+ "value": "2.0.42 released"
}
],
"CNA_private": {
@@ -6024,9 +5822,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2003-05-28",
- "ID": "CVE-2003-0189",
- "TITLE": "Basic Authentication DoS"
+ "DATE_PUBLIC": "2002-09-19",
+ "ID": "CVE-2002-1593",
+ "TITLE": "mod_dav crash"
},
"source": {
"defect": [],
@@ -6039,7 +5837,7 @@
"description": [
{
"lang": "eng",
- "value": "Basic Authentication DoS"
+ "value": "mod_dav crash"
}
]
}
@@ -6049,13 +5847,13 @@
"description_data": [
{
"lang": "eng",
- "value": "A build system problem in Apache 2.0.40 through 2.0.45 allows remote attackers to cause a denial of access to authenticated content when a threaded server is used."
+ "value": "A flaw was found in handling of versioning hooks in mod_dav. An attacker could send a carefully crafted request in such a way to cause the child process handling the connection to crash. This issue will only result in a denial of service where a threaded process model is in use."
}
]
},
"impact": [
{
- "other": "important"
+ "other": "moderate"
}
],
"affects": {
@@ -6072,27 +5870,27 @@
{
"version_name": "2.0",
"version_affected": "=",
- "version_value": "2.0.45"
+ "version_value": "2.0.40"
},
{
"version_name": "2.0",
"version_affected": "=",
- "version_value": "2.0.44"
+ "version_value": "2.0.39"
},
{
"version_name": "2.0",
"version_affected": "=",
- "version_value": "2.0.43"
+ "version_value": "2.0.37"
},
{
"version_name": "2.0",
"version_affected": "=",
- "version_value": "2.0.42"
+ "version_value": "2.0.36"
},
{
"version_name": "2.0",
"version_affected": "=",
- "version_value": "2.0.40"
+ "version_value": "2.0.35"
}
]
}
@@ -6114,19 +5912,19 @@
"references": {},
"timeline": [
{
- "time": "2018-10-08",
+ "time": "2010-02-02",
"lang": "eng",
"value": "reported"
},
{
- "time": "2019-01-22",
+ "time": "2010-03-02",
"lang": "eng",
"value": "public"
},
{
- "time": "2019-02-28",
+ "time": "2010-03-05",
"lang": "eng",
- "value": "2.4.38 released"
+ "value": "2.2.15 released"
}
],
"CNA_private": {
@@ -6136,9 +5934,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2019-01-22",
- "ID": "CVE-2018-17199",
- "TITLE": "mod_session_cookie does not respect expiry time"
+ "DATE_PUBLIC": "2010-03-02",
+ "ID": "CVE-2010-0408",
+ "TITLE": "mod_proxy_ajp DoS"
},
"source": {
"defect": [],
@@ -6151,7 +5949,7 @@
"description": [
{
"lang": "eng",
- "value": "mod_session_cookie does not respect expiry time"
+ "value": "mod_proxy_ajp DoS"
}
]
}
@@ -6160,20 +5958,20 @@
"credit": [
{
"lang": "eng",
- "value": "The issue was discovered by Diego Angulo from ImExHS."
+ "value": "We would like to thank Niku Toivola of Sulake Corporation for reporting and proposing a patch fix for this issue."
}
],
"description": {
"description_data": [
{
"lang": "eng",
- "value": "In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded."
+ "value": "mod_proxy_ajp would return the wrong status code if it encountered an error, causing a backend server to be put into an error state until the retry timeout expired. A remote attacker could send malicious requests to trigger this issue, resulting in denial of service."
}
]
},
"impact": [
{
- "other": "low"
+ "other": "moderate"
}
],
"affects": {
@@ -6188,129 +5986,69 @@
"version": {
"version_data": [
{
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.37"
- },
- {
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.35"
+ "version_value": "2.2.14"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.34"
+ "version_value": "2.2.13"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.33"
+ "version_value": "2.2.12"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.30"
+ "version_value": "2.2.11"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.29"
+ "version_value": "2.2.10"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.28"
+ "version_value": "2.2.9"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.27"
+ "version_value": "2.2.8"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.26"
+ "version_value": "2.2.6"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.25"
+ "version_value": "2.2.5"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.23"
+ "version_value": "2.2.4"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.20"
+ "version_value": "2.2.3"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.18"
+ "version_value": "2.2.2"
},
{
- "version_name": "2.4",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.4.17"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.16"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.12"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.10"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.9"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.7"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.6"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.4"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.3"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.2"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.1"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.0"
+ "version_value": "2.2.0"
}
]
}
@@ -6332,19 +6070,19 @@
"references": {},
"timeline": [
{
- "time": "2004-10-21",
+ "time": "2021-02-08",
"lang": "eng",
"value": "reported"
},
{
- "time": "2004-10-21",
+ "time": "2021-06-01",
"lang": "eng",
"value": "public"
},
{
- "time": "2004-10-28",
+ "time": "2021-06-01",
"lang": "eng",
- "value": "1.3.33 released"
+ "value": "2.4.48 released"
}
],
"CNA_private": {
@@ -6354,9 +6092,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2004-10-21",
- "ID": "CVE-2004-0940",
- "TITLE": "mod_include overflow"
+ "DATE_PUBLIC": "2021-06-01",
+ "ID": "CVE-2021-26690",
+ "TITLE": "mod_session NULL pointer dereference"
},
"source": {
"defect": [],
@@ -6369,23 +6107,29 @@
"description": [
{
"lang": "eng",
- "value": "mod_include overflow"
+ "value": "mod_session NULL pointer dereference"
}
]
}
]
},
+ "credit": [
+ {
+ "lang": "eng",
+ "value": "This issue was discovered and reported by GHSL team member @antonio-morales (Antonio Morales)"
+ }
+ ],
"description": {
"description_data": [
{
"lang": "eng",
- "value": "A buffer overflow in mod_include could allow a local user who is authorised to create server side include (SSI) files to gain the privileges of a httpd child."
+ "value": "Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service"
}
]
},
"impact": [
{
- "other": "moderate"
+ "other": "low"
}
],
"affects": {
@@ -6400,109 +6144,149 @@
"version": {
"version_data": [
{
- "version_name": "1.3",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "1.3.32"
+ "version_value": "2.4.46"
},
{
- "version_name": "1.3",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "1.3.31"
+ "version_value": "2.4.43"
},
{
- "version_name": "1.3",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "1.3.29"
+ "version_value": "2.4.41"
},
{
- "version_name": "1.3",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "1.3.28"
+ "version_value": "2.4.39"
},
{
- "version_name": "1.3",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "1.3.27"
+ "version_value": "2.4.38"
},
{
- "version_name": "1.3",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "1.3.26"
+ "version_value": "2.4.37"
},
{
- "version_name": "1.3",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "1.3.24"
+ "version_value": "2.4.35"
},
{
- "version_name": "1.3",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "1.3.22"
+ "version_value": "2.4.34"
},
{
- "version_name": "1.3",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "1.3.20"
+ "version_value": "2.4.33"
},
{
- "version_name": "1.3",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "1.3.19"
+ "version_value": "2.4.29"
},
{
- "version_name": "1.3",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "1.3.17"
+ "version_value": "2.4.28"
},
{
- "version_name": "1.3",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "1.3.14"
+ "version_value": "2.4.27"
},
{
- "version_name": "1.3",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "1.3.12"
+ "version_value": "2.4.26"
},
{
- "version_name": "1.3",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "1.3.11"
+ "version_value": "2.4.25"
},
{
- "version_name": "1.3",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "1.3.9"
+ "version_value": "2.4.23"
},
{
- "version_name": "1.3",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "1.3.6"
+ "version_value": "2.4.20"
},
{
- "version_name": "1.3",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "1.3.4"
+ "version_value": "2.4.18"
},
{
- "version_name": "1.3",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "1.3.3"
+ "version_value": "2.4.17"
},
{
- "version_name": "1.3",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "1.3.2"
+ "version_value": "2.4.16"
},
{
- "version_name": "1.3",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "1.3.1"
+ "version_value": "2.4.12"
},
{
- "version_name": "1.3",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "1.3.0"
+ "version_value": "2.4.10"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.9"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.7"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.6"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.4"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.3"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.2"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.1"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.0"
}
]
}
@@ -6524,19 +6308,9 @@
"references": {},
"timeline": [
{
- "time": "2002-12-04",
- "lang": "eng",
- "value": "reported"
- },
- {
- "time": "2003-01-20",
- "lang": "eng",
- "value": "public"
- },
- {
- "time": "2003-01-20",
+ "time": "2000-10-13",
"lang": "eng",
- "value": "2.0.44 released"
+ "value": "1.3.14 released"
}
],
"CNA_private": {
@@ -6546,9 +6320,8 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2003-01-20",
- "ID": "CVE-2003-0016",
- "TITLE": "MS-DOS device name filtering"
+ "ID": "CVE-2000-0505",
+ "TITLE": "Requests can cause directory listing to be displayed on NT"
},
"source": {
"defect": [],
@@ -6561,7 +6334,7 @@
"description": [
{
"lang": "eng",
- "value": "MS-DOS device name filtering"
+ "value": "Requests can cause directory listing to be displayed on NT"
}
]
}
@@ -6571,13 +6344,13 @@
"description_data": [
{
"lang": "eng",
- "value": "On Windows platforms Apache did not correctly filter MS-DOS device names which could lead to denial of service attacks or remote code execution."
+ "value": "A security hole on Apache for Windows allows a user to view the listing of a directory instead of the default HTML page by sending a carefully constructed request."
}
]
},
"impact": [
{
- "other": "critical"
+ "other": "moderate"
}
],
"affects": {
@@ -6592,39 +6365,49 @@
"version": {
"version_data": [
{
- "version_name": "2.0",
+ "version_name": "1.3",
"version_affected": "=",
- "version_value": "2.0.43"
+ "version_value": "1.3.12"
},
{
- "version_name": "2.0",
+ "version_name": "1.3",
"version_affected": "?=",
- "version_value": "2.0.42"
+ "version_value": "1.3.11"
},
{
- "version_name": "2.0",
+ "version_name": "1.3",
"version_affected": "?=",
- "version_value": "2.0.40"
+ "version_value": "1.3.9"
},
{
- "version_name": "2.0",
+ "version_name": "1.3",
"version_affected": "?=",
- "version_value": "2.0.39"
+ "version_value": "1.3.6"
},
{
- "version_name": "2.0",
+ "version_name": "1.3",
"version_affected": "?=",
- "version_value": "2.0.37"
+ "version_value": "1.3.4"
},
{
- "version_name": "2.0",
+ "version_name": "1.3",
"version_affected": "?=",
- "version_value": "2.0.36"
+ "version_value": "1.3.3"
},
{
- "version_name": "2.0",
+ "version_name": "1.3",
"version_affected": "?=",
- "version_value": "2.0.35"
+ "version_value": "1.3.2"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "?=",
+ "version_value": "1.3.1"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "?=",
+ "version_value": "1.3.0"
}
]
}
@@ -6646,19 +6429,24 @@
"references": {},
"timeline": [
{
- "time": "2007-12-12",
+ "time": "2016-12-05",
"lang": "eng",
"value": "reported"
},
{
- "time": "2008-01-02",
+ "time": "2017-06-19",
"lang": "eng",
"value": "public"
},
{
- "time": "2008-01-19",
+ "time": "2017-06-19",
"lang": "eng",
- "value": "2.2.8 released"
+ "value": "2.4.26 released"
+ },
+ {
+ "time": "2017-07-11",
+ "lang": "eng",
+ "value": "2.2.34 released"
}
],
"CNA_private": {
@@ -6668,9 +6456,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2008-01-02",
- "ID": "CVE-2007-6422",
- "TITLE": "mod_proxy_balancer DoS"
+ "DATE_PUBLIC": "2017-06-19",
+ "ID": "CVE-2017-3169",
+ "TITLE": "mod_ssl Null Pointer Dereference"
},
"source": {
"defect": [],
@@ -6683,23 +6471,29 @@
"description": [
{
"lang": "eng",
- "value": "mod_proxy_balancer DoS"
+ "value": "mod_ssl Null Pointer Dereference"
}
]
}
]
},
+ "credit": [
+ {
+ "lang": "eng",
+ "value": "We would like to thank Vasileios Panopoulos and AdNovum Informatik AG for reporting this issue."
+ }
+ ],
"description": {
"description_data": [
{
"lang": "eng",
- "value": "A flaw was found in the mod_proxy_balancer module. On sites where mod_proxy_balancer is enabled, an authorized user could send a carefully crafted request that would cause the Apache child process handling that request to crash. This could lead to a denial of service if using a threaded Multi-Processing Module."
+ "value": "mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port."
}
]
},
"impact": [
{
- "other": "low"
+ "other": "important"
}
],
"affects": {
@@ -6713,6 +6507,196 @@
"product_name": "Apache HTTP Server",
"version": {
"version_data": [
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.25"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.23"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.20"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.18"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.17"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.16"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.12"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.10"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.9"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.7"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.6"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.4"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.3"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.2"
+ },
+ {
+ "version_name": "2.4",
+ "version_affected": "=",
+ "version_value": "2.4.1"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.32"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.31"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.29"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.27"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.26"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.25"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.24"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.23"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.22"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.21"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.20"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.19"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.18"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.17"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.16"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.15"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.14"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.13"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.12"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.11"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.10"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.9"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.8"
+ },
{
"version_name": "2.2",
"version_affected": "=",
@@ -6758,156 +6742,24 @@
"data_format": "MITRE",
"data_version": "4.0",
"generator": {
- "engine": "Vulnogram 0.0.9"
- },
- "CVE_data_meta": {
- "ID": "CVE-2021-31618",
- "ASSIGNER": "security@apache.org",
- "DATE_PUBLIC": "2021-06-01",
- "TITLE": "NULL pointer dereference on specially crafted HTTP/2 request",
- "AKA": "",
- "STATE": "DRAFT"
- },
- "source": {
- "defect": [],
- "advisory": "",
- "discovery": "UNKNOWN"
- },
- "affects": {
- "vendor": {
- "vendor_data": [
- {
- "vendor_name": "Apache Software Foundation",
- "product": {
- "product_data": [
- {
- "product_name": "Apache HTTP Server",
- "version": {
- "version_data": [
- {
- "version_name": "",
- "version_affected": "=",
- "version_value": "2.4.47",
- "platform": ""
- }
- ]
- }
- }
- ]
- }
- }
- ]
- }
- },
- "problemtype": {
- "problemtype_data": [
- {
- "description": [
- {
- "lang": "eng",
- "value": "CWE-476 NULL Pointer Dereference"
- }
- ]
- }
- ]
- },
- "description": {
- "description_data": [
- {
- "value": "Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and HTTP response is sent to the client with a status code indicating why the request was rejected.\n\nThis rejection response was not fully initialised in the HTTP/2 protocol handler if the offending header was the very first one rece [...]
- "lang": "eng"
- }
- ]
- },
- "references": {
- "reference_data": [
- {
- "refsource": "CONFIRM",
- "url": "",
- "name": ""
- }
- ]
- },
- "configuration": [],
- "impact": [
- {
- "other": "important"
- }
- ],
- "exploit": [],
- "work_around": [
- {
- "lang": "eng",
- "value": "On unpatched servers, the `h2` protocol can be disabled by removing it from the `Protocols` configuration. If the `h2` protocol is not enabled, the server is not affected by this vulnerability."
- }
- ],
- "solution": [],
- "credit": [
- {
- "lang": "eng",
- "value": "Apache HTTP server would like to thank LI ZHI XIN from NSFoucs for reporting this."
- }
- ],
- "CNA_private": {
- "owner": "httpd",
- "publish": {
- "ym": "",
- "year": "",
- "month": ""
- },
- "share_with_CVE": true,
- "CVE_table_description": [],
- "CVE_list": [],
- "internal_comments": "",
- "todo": [],
- "email": ""
- },
- "timeline": [
- {
- "time": "2021-04-22",
- "lang": "eng",
- "value": "reported"
- },
- {
- "time": "2021-06-01",
- "lang": "eng",
- "value": "public"
- },
- {
- "time": "2021-06-01",
- "lang": "eng",
- "value": "2.4.48 released"
- }
- ]
- },
- {
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
- "generator": {
- "engine": "xmltojsonmjc 1.0"
+ "engine": "xmltojsonmjc 1.0"
},
"references": {},
"timeline": [
{
- "time": "2016-07-24",
+ "time": "2019-01-20",
"lang": "eng",
"value": "reported"
},
{
- "time": "2018-08-14",
+ "time": "2019-04-01",
"lang": "eng",
"value": "public"
},
{
- "time": "2016-12-20",
- "lang": "eng",
- "value": "2.4.25 released"
- },
- {
- "time": "2017-01-13",
+ "time": "2019-04-01",
"lang": "eng",
- "value": "2.2.32 released"
+ "value": "2.4.39 released"
}
],
"CNA_private": {
@@ -6917,9 +6769,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2018-08-14",
- "ID": "CVE-2016-4975",
- "TITLE": "mod_userdir CRLF injection"
+ "DATE_PUBLIC": "2019-04-01",
+ "ID": "CVE-2019-0220",
+ "TITLE": "Apache httpd URL normalization inconsistincy"
},
"source": {
"defect": [],
@@ -6932,7 +6784,7 @@
"description": [
{
"lang": "eng",
- "value": "mod_userdir CRLF injection"
+ "value": "Apache httpd URL normalization inconsistincy"
}
]
}
@@ -6941,20 +6793,20 @@
"credit": [
{
"lang": "eng",
- "value": "The issue was discovered by Sergey Bobrov"
+ "value": "The issue was discovered by Bernhard Lorenz <be...@alphastrike.io> of Alpha Strike Labs GmbH."
}
],
"description": {
"description_data": [
{
"lang": "eng",
- "value": "Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir. This issue was mitigated by changes made in 2.4.25 and 2.2.32 which prohibit CR or LF injection into the \"Location\" or other outbound header key or value."
+ "value": "When the path component of a request URL contains multiple consecutive slashes ('/'), directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing will implicitly collapse them."
}
]
},
"impact": [
{
- "other": "moderate"
+ "other": "low"
}
],
"affects": {
@@ -6971,212 +6823,132 @@
{
"version_name": "2.4",
"version_affected": "=",
- "version_value": "2.4.23"
+ "version_value": "2.4.38"
},
{
"version_name": "2.4",
"version_affected": "=",
- "version_value": "2.4.20"
+ "version_value": "2.4.37"
},
{
"version_name": "2.4",
"version_affected": "=",
- "version_value": "2.4.18"
+ "version_value": "2.4.35"
},
{
"version_name": "2.4",
"version_affected": "=",
- "version_value": "2.4.17"
+ "version_value": "2.4.34"
},
{
"version_name": "2.4",
"version_affected": "=",
- "version_value": "2.4.16"
+ "version_value": "2.4.33"
},
{
"version_name": "2.4",
"version_affected": "=",
- "version_value": "2.4.12"
+ "version_value": "2.4.30"
},
{
"version_name": "2.4",
"version_affected": "=",
- "version_value": "2.4.10"
+ "version_value": "2.4.29"
},
{
"version_name": "2.4",
"version_affected": "=",
- "version_value": "2.4.9"
+ "version_value": "2.4.28"
},
{
"version_name": "2.4",
"version_affected": "=",
- "version_value": "2.4.7"
+ "version_value": "2.4.27"
},
{
"version_name": "2.4",
"version_affected": "=",
- "version_value": "2.4.6"
+ "version_value": "2.4.26"
},
{
"version_name": "2.4",
"version_affected": "=",
- "version_value": "2.4.4"
+ "version_value": "2.4.25"
},
{
"version_name": "2.4",
"version_affected": "=",
- "version_value": "2.4.3"
+ "version_value": "2.4.23"
},
{
"version_name": "2.4",
"version_affected": "=",
- "version_value": "2.4.2"
+ "version_value": "2.4.20"
},
{
"version_name": "2.4",
"version_affected": "=",
- "version_value": "2.4.1"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.31"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.29"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.27"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.26"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.25"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.24"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.23"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.22"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.21"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.20"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.19"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.18"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.17"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.16"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.15"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.14"
+ "version_value": "2.4.18"
},
{
- "version_name": "2.2",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.2.13"
+ "version_value": "2.4.17"
},
{
- "version_name": "2.2",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.2.12"
+ "version_value": "2.4.16"
},
{
- "version_name": "2.2",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.2.11"
+ "version_value": "2.4.12"
},
{
- "version_name": "2.2",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.2.10"
+ "version_value": "2.4.10"
},
{
- "version_name": "2.2",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.2.9"
+ "version_value": "2.4.9"
},
{
- "version_name": "2.2",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.2.8"
+ "version_value": "2.4.7"
},
{
- "version_name": "2.2",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.2.6"
+ "version_value": "2.4.6"
},
{
- "version_name": "2.2",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.2.5"
+ "version_value": "2.4.4"
},
{
- "version_name": "2.2",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.2.4"
+ "version_value": "2.4.3"
},
{
- "version_name": "2.2",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.2.3"
+ "version_value": "2.4.2"
},
{
- "version_name": "2.2",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.2.2"
+ "version_value": "2.4.1"
},
{
- "version_name": "2.2",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.2.0"
+ "version_value": "2.4.0"
}
]
}
@@ -7198,19 +6970,19 @@
"references": {},
"timeline": [
{
- "time": "2016-01-20",
+ "time": "2003-07-04",
"lang": "eng",
"value": "reported"
},
{
- "time": "2016-12-20",
+ "time": "2003-07-18",
"lang": "eng",
"value": "public"
},
{
- "time": "2016-12-20",
+ "time": "2003-07-18",
"lang": "eng",
- "value": "2.4.25 released"
+ "value": "1.3.28 released"
}
],
"CNA_private": {
@@ -7220,9 +6992,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2016-12-20",
- "ID": "CVE-2016-0736",
- "TITLE": "Padding Oracle in Apache mod_session_crypto"
+ "DATE_PUBLIC": "2003-07-18",
+ "ID": "CVE-2003-0460",
+ "TITLE": "RotateLogs DoS"
},
"source": {
"defect": [],
@@ -7235,29 +7007,23 @@
"description": [
{
"lang": "eng",
- "value": "Padding Oracle in Apache mod_session_crypto"
+ "value": "RotateLogs DoS"
}
]
}
]
},
- "credit": [
- {
- "lang": "eng",
- "value": "We would like to thank individuals at the RedTeam Pentesting GmbH for reporting this issue."
- }
- ],
"description": {
"description_data": [
{
"lang": "eng",
- "value": "Prior to Apache HTTP release 2.4.25, mod_sessioncrypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation (AES256-CBC by default), hence no selectable or builtin authenticated encryption. This made it vulnerable to padding oracle attacks, particularly with CBC. An authentication tag (SipHash MAC) is now added to prevent such attacks."
+ "value": "The rotatelogs support program on Win32 and OS/2 would quit logging and exit if it received special control characters such as 0x1A."
}
]
},
"impact": [
{
- "other": "low"
+ "other": "important"
}
],
"affects": {
@@ -7272,74 +7038,89 @@
"version": {
"version_data": [
{
- "version_name": "2.4",
+ "version_name": "1.3",
"version_affected": "=",
- "version_value": "2.4.23"
+ "version_value": "1.3.27"
},
{
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.20"
+ "version_name": "1.3",
+ "version_affected": "?=",
+ "version_value": "1.3.26"
},
{
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.18"
+ "version_name": "1.3",
+ "version_affected": "?=",
+ "version_value": "1.3.24"
},
{
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.17"
+ "version_name": "1.3",
+ "version_affected": "?=",
+ "version_value": "1.3.22"
},
{
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.16"
+ "version_name": "1.3",
+ "version_affected": "?=",
+ "version_value": "1.3.20"
},
{
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.12"
+ "version_name": "1.3",
+ "version_affected": "?=",
+ "version_value": "1.3.19"
},
{
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.10"
+ "version_name": "1.3",
+ "version_affected": "?=",
+ "version_value": "1.3.17"
},
{
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.9"
+ "version_name": "1.3",
+ "version_affected": "?=",
+ "version_value": "1.3.14"
},
{
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.7"
+ "version_name": "1.3",
+ "version_affected": "?=",
+ "version_value": "1.3.12"
},
{
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.6"
+ "version_name": "1.3",
+ "version_affected": "?=",
+ "version_value": "1.3.11"
},
{
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.4"
+ "version_name": "1.3",
+ "version_affected": "?=",
+ "version_value": "1.3.9"
},
{
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.3"
+ "version_name": "1.3",
+ "version_affected": "?=",
+ "version_value": "1.3.6"
},
{
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.2"
+ "version_name": "1.3",
+ "version_affected": "?=",
+ "version_value": "1.3.4"
},
{
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.1"
+ "version_name": "1.3",
+ "version_affected": "?=",
+ "version_value": "1.3.3"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "?=",
+ "version_value": "1.3.2"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "?=",
+ "version_value": "1.3.1"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "?=",
+ "version_value": "1.3.0"
}
]
}
@@ -7361,19 +7142,19 @@
"references": {},
"timeline": [
{
- "time": "2004-07-07",
+ "time": "2008-12-25",
"lang": "eng",
"value": "reported"
},
{
- "time": "2004-07-07",
+ "time": "2009-06-01",
"lang": "eng",
"value": "public"
},
{
- "time": "2004-09-15",
+ "time": "2009-07-27",
"lang": "eng",
- "value": "2.0.51 released"
+ "value": "2.2.12 released"
}
],
"CNA_private": {
@@ -7383,9 +7164,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2004-07-07",
- "ID": "CVE-2004-0751",
- "TITLE": "Malicious SSL proxy can cause crash"
+ "DATE_PUBLIC": "2009-06-01",
+ "ID": "CVE-2009-0023",
+ "TITLE": "APR-util heap underwrite"
},
"source": {
"defect": [],
@@ -7398,7 +7179,7 @@
"description": [
{
"lang": "eng",
- "value": "Malicious SSL proxy can cause crash"
+ "value": "APR-util heap underwrite"
}
]
}
@@ -7408,13 +7189,13 @@
"description_data": [
{
"lang": "eng",
- "value": "An issue was discovered in the mod_ssl module in Apache 2.0.44-2.0.50 which could be triggered if the server is configured to allow proxying to a remote SSL server. A malicious remote SSL server could force an httpd child process to crash by sending a carefully crafted response header. This issue is not believed to allow execution of arbitrary code and will only result in a denial of service where a threaded process model is in use."
+ "value": "A heap-based underwrite flaw was found in the way the bundled copy of the APR-util library created compiled forms of particular search patterns. An attacker could formulate a specially-crafted search keyword, that would overwrite arbitrary heap memory locations when processed by the pattern preparation engine."
}
]
},
"impact": [
{
- "other": "low"
+ "other": "moderate"
}
],
"affects": {
@@ -7429,39 +7210,54 @@
"version": {
"version_data": [
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.50"
+ "version_value": "2.2.11"
},
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.49"
+ "version_value": "2.2.10"
},
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.48"
+ "version_value": "2.2.9"
},
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.47"
+ "version_value": "2.2.8"
},
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.46"
+ "version_value": "2.2.6"
},
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.45"
+ "version_value": "2.2.5"
},
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.44"
+ "version_value": "2.2.4"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.3"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.2"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.0"
}
]
}
@@ -7474,135 +7270,38 @@
}
},
{
- "CVE_data_meta": {
- "ASSIGNER": "security@apache.org",
- "ID": "CVE-2021-33193",
- "STATE": "PUBLIC",
- "TITLE": "Request splitting via HTTP/2 method injection and mod_proxy"
- },
- "affects": {
- "vendor": {
- "vendor_data": [
- {
- "product": {
- "product_data": [
- {
- "product_name": "Apache HTTP Server",
- "version": {
- "version_data": [
- {
- "version_affected": "<=",
- "version_name": "Apache HTTP Server 2.4",
- "version_value": "2.4.48"
- },
- {
- "version_affected": "!<",
- "version_name": "Apache HTTP Server 2.4",
- "version_value": "2.4.17"
- }
- ]
- }
- }
- ]
- },
- "vendor_name": "Apache Software Foundation"
- }
- ]
- }
- },
- "credit": [
- {
- "lang": "eng",
- "value": "Reported by James Kettle of PortSwigger"
- }
- ],
- "data_format": "MITRE",
- "data_type": "CVE",
- "data_version": "4.0",
- "description": {
- "description_data": [
- {
- "lang": "eng",
- "value": "A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning.\n\nThis issue affects Apache HTTP Server 2.4.17 to 2.4.48."
- }
- ]
- },
- "generator": {
- "engine": "Vulnogram 0.0.9"
- },
- "impact": [
- {
- "other": "moderate"
- }
- ],
- "problemtype": {
- "problemtype_data": [
- {
- "description": [
- {
- "lang": "eng",
- "value": "Request Splitting"
- }
- ]
- }
- ]
- },
- "references": {
- "reference_data": [
- {
- "refsource": "CONFIRM",
- "url": "https://portswigger.net/research/http2"
- },
- {
- "refsource": "CONFIRM",
- "url": "https://github.com/apache/httpd/commit/ecebcc035ccd8d0e2984fe41420d9e944f456b3c.patch"
- }
- ]
- },
- "source": {
- "discovery": "UNKNOWN"
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
},
+ "references": {},
"timeline": [
{
+ "time": "2007-12-15",
"lang": "eng",
- "time": "2021-05-11",
"value": "reported"
},
{
+ "time": "2008-01-02",
"lang": "eng",
- "time": "2021-08-06",
"value": "public"
},
{
+ "time": "2008-01-19",
"lang": "eng",
- "time": "2021-09-16",
- "value": "2.4.49 released"
- }
- ]
- },
- {
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
- "generator": {
- "engine": "xmltojsonmjc 1.0"
- },
- "references": {},
- "timeline": [
- {
- "time": "2004-08-05",
- "lang": "eng",
- "value": "reported"
+ "value": "2.2.8 released"
},
{
- "time": "2004-09-15",
+ "time": "2008-01-19",
"lang": "eng",
- "value": "public"
+ "value": "2.0.63 released"
},
{
- "time": "2004-09-15",
+ "time": "2008-01-19",
"lang": "eng",
- "value": "2.0.51 released"
+ "value": "1.3.41 released"
}
],
"CNA_private": {
@@ -7612,9 +7311,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2004-09-15",
- "ID": "CVE-2004-0747",
- "TITLE": "Environment variable expansion flaw"
+ "DATE_PUBLIC": "2008-01-02",
+ "ID": "CVE-2007-6388",
+ "TITLE": "mod_status XSS"
},
"source": {
"defect": [],
@@ -7627,29 +7326,23 @@
"description": [
{
"lang": "eng",
- "value": "Environment variable expansion flaw"
+ "value": "mod_status XSS"
}
]
}
]
},
- "credit": [
- {
- "lang": "eng",
- "value": "We would like to thank the Swedish IT Incident Centre (SITIC) for reporting this issue."
- }
- ],
"description": {
"description_data": [
{
"lang": "eng",
- "value": "A buffer overflow was found in the expansion of environment variables during configuration file parsing. This issue could allow a local user to gain the privileges of a httpd child if a server can be forced to parse a carefully crafted .htaccess file written by a local user."
+ "value": "A flaw was found in the mod_status module. On sites where mod_status is enabled and the status pages were publicly accessible, a cross-site scripting attack is possible. Note that the server-status page is not enabled by default and it is best practice to not make this publicly available."
}
]
},
"impact": [
{
- "other": "low"
+ "other": "moderate"
}
],
"affects": {
@@ -7663,6 +7356,76 @@
"product_name": "Apache HTTP Server",
"version": {
"version_data": [
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.6"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.5"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.4"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.3"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.2"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.0"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.61"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.59"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.58"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.55"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.54"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.53"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.52"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.51"
+ },
{
"version_name": "2.0",
"version_affected": "=",
@@ -7732,6 +7495,131 @@
"version_name": "2.0",
"version_affected": "=",
"version_value": "2.0.35"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.39"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.37"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.36"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.35"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.34"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.33"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.32"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.31"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.29"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.28"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.27"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.26"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.24"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.22"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.20"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.19"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.17"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.14"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.12"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.11"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.9"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.6"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.4"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.3"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.2"
}
]
}
@@ -7753,19 +7641,24 @@
"references": {},
"timeline": [
{
- "time": "2004-08-25",
+ "time": "2014-06-16",
"lang": "eng",
"value": "reported"
},
{
- "time": "2004-09-15",
+ "time": "2014-07-14",
"lang": "eng",
"value": "public"
},
{
- "time": "2004-09-15",
+ "time": "2014-07-15",
"lang": "eng",
- "value": "2.0.51 released"
+ "value": "2.4.10 released"
+ },
+ {
+ "time": "2014-09-03",
+ "lang": "eng",
+ "value": "2.2.29 released"
}
],
"CNA_private": {
@@ -7775,9 +7668,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2004-09-15",
- "ID": "CVE-2004-0786",
- "TITLE": "IPv6 URI parsing heap overflow"
+ "DATE_PUBLIC": "2014-07-14",
+ "ID": "CVE-2014-0231",
+ "TITLE": "mod_cgid denial of service"
},
"source": {
"defect": [],
@@ -7790,23 +7683,29 @@
"description": [
{
"lang": "eng",
- "value": "IPv6 URI parsing heap overflow"
+ "value": "mod_cgid denial of service"
}
]
}
]
},
+ "credit": [
+ {
+ "lang": "eng",
+ "value": "This issue was reported by Rainer Jung of the ASF"
+ }
+ ],
"description": {
"description_data": [
{
"lang": "eng",
- "value": "Testing using the Codenomicon HTTP Test Tool performed by the Apache Software Foundation security group and Red Hat uncovered an input validation issue in the IPv6 URI parsing routines in the apr-util library. If a remote attacker sent a request including a carefully crafted URI, an httpd child process could be made to crash. One some BSD systems it is believed this flaw may be able to lead to remote code execution."
+ "value": "A flaw was found in mod_cgid. If a server using mod_cgid hosted CGI scripts which did not consume standard input, a remote attacker could cause child processes to hang indefinitely, leading to denial of service."
}
]
},
"impact": [
{
- "other": "critical"
+ "other": "important"
}
],
"affects": {
@@ -7821,74 +7720,169 @@
"version": {
"version_data": [
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.50"
+ "version_value": "2.4.9"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.49"
+ "version_value": "2.4.7"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.48"
+ "version_value": "2.4.6"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.47"
+ "version_value": "2.4.4"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.46"
+ "version_value": "2.4.3"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.45"
+ "version_value": "2.4.2"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.44"
+ "version_value": "2.4.1"
},
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.43"
+ "version_value": "2.2.27"
},
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.42"
+ "version_value": "2.2.26"
},
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.40"
+ "version_value": "2.2.25"
},
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.39"
+ "version_value": "2.2.24"
},
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.37"
+ "version_value": "2.2.23"
},
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.36"
+ "version_value": "2.2.22"
},
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.35"
+ "version_value": "2.2.21"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.20"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.19"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.18"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.17"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.16"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.15"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.14"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.13"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.12"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.11"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.10"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.9"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.8"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.6"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.5"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.4"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.3"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.2"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.0"
}
]
}
@@ -7910,24 +7904,19 @@
"references": {},
"timeline": [
{
- "time": "2017-05-06",
+ "time": "2019-01-01",
"lang": "eng",
"value": "reported"
},
{
- "time": "2017-06-19",
+ "time": "2019-01-22",
"lang": "eng",
"value": "public"
},
{
- "time": "2017-06-19",
- "lang": "eng",
- "value": "2.4.26 released"
- },
- {
- "time": "2017-07-11",
+ "time": "2019-02-28",
"lang": "eng",
- "value": "2.2.34 released"
+ "value": "2.4.38 released"
}
],
"CNA_private": {
@@ -7937,9 +7926,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2017-06-19",
- "ID": "CVE-2017-7668",
- "TITLE": "ap_find_token() Buffer Overread"
+ "DATE_PUBLIC": "2019-01-22",
+ "ID": "CVE-2019-0190",
+ "TITLE": "mod_ssl 2.4.37 remote DoS when used with OpenSSL 1.1.1"
},
"source": {
"defect": [],
@@ -7952,7 +7941,7 @@
"description": [
{
"lang": "eng",
- "value": "ap_find_token() Buffer Overread"
+ "value": "mod_ssl 2.4.37 remote DoS when used with OpenSSL 1.1.1"
}
]
}
@@ -7961,14 +7950,14 @@
"credit": [
{
"lang": "eng",
- "value": "We would like to thank Javier Jim\u00e9nez (javijmor@gmail.com) for reporting this issue."
+ "value": "The issue was discovered through user bug reports."
}
],
"description": {
"description_data": [
{
"lang": "eng",
- "value": "The HTTP strict parsing changes added in 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may be able to cause a segmentation fault, or to force ap_find_token() to return an incorrect value."
+ "value": "A bug exists in the way mod_ssl handled client renegotiations. A remote attacker could send a carefully crafted request that would cause mod_ssl to enter a loop leading to a denial of service. This bug can be only triggered with Apache HTTP Server version 2.4.37 when using OpenSSL version 1.1.1 or later, due to an interaction in changes to handling of renegotiation attempts."
}
]
},
@@ -7991,12 +7980,7 @@
{
"version_name": "2.4",
"version_affected": "=",
- "version_value": "2.4.25"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.32"
+ "version_value": "2.4.37"
}
]
}
@@ -8018,19 +8002,14 @@
"references": {},
"timeline": [
{
- "time": "2015-02-03",
- "lang": "eng",
- "value": "reported"
- },
- {
- "time": "2015-03-05",
+ "time": "2002-04-22",
"lang": "eng",
"value": "public"
},
{
- "time": "2015-07-15",
+ "time": "2002-05-08",
"lang": "eng",
- "value": "2.4.16 released"
+ "value": "2.0.36 released"
}
],
"CNA_private": {
@@ -8040,9 +8019,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2015-03-05",
- "ID": "CVE-2015-0253",
- "TITLE": "Crash in ErrorDocument 400 handling"
+ "DATE_PUBLIC": "2002-04-22",
+ "ID": "CVE-2002-1592",
+ "TITLE": "Warning messages could be displayed to users"
},
"source": {
"defect": [],
@@ -8055,7 +8034,7 @@
"description": [
{
"lang": "eng",
- "value": "Crash in ErrorDocument 400 handling"
+ "value": "Warning messages could be displayed to users"
}
]
}
@@ -8065,7 +8044,7 @@
"description_data": [
{
"lang": "eng",
- "value": "A crash in ErrorDocument handling was found. If ErrorDocument 400 was configured pointing to a local URL-path with the INCLUDES filter active, a NULL dereference would occur when handling the error, causing the child process to crash. This issue affected the 2.4.12 release only."
+ "value": "In some cases warning messages could get returned to end users in addition to being recorded in the error log. This could reveal the path to a CGI script for example, a minor security exposure."
}
]
},
@@ -8086,9 +8065,9 @@
"version": {
"version_data": [
{
- "version_name": "2.4",
+ "version_name": "2.0",
"version_affected": "=",
- "version_value": "2.4.12"
+ "version_value": "2.0.35"
}
]
}
@@ -8110,14 +8089,24 @@
"references": {},
"timeline": [
{
- "time": "2004-05-17",
+ "time": "2013-12-10",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2014-03-17",
"lang": "eng",
"value": "public"
},
{
- "time": "2004-07-01",
+ "time": "2014-03-17",
"lang": "eng",
- "value": "2.0.50 released"
+ "value": "2.4.9 released"
+ },
+ {
+ "time": "2014-03-26",
+ "lang": "eng",
+ "value": "2.2.27 released"
}
],
"CNA_private": {
@@ -8127,9 +8116,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2004-05-17",
- "ID": "CVE-2004-0488",
- "TITLE": "FakeBasicAuth overflow"
+ "DATE_PUBLIC": "2014-03-17",
+ "ID": "CVE-2013-6438",
+ "TITLE": "mod_dav crash"
},
"source": {
"defect": [],
@@ -8142,23 +8131,29 @@
"description": [
{
"lang": "eng",
- "value": "FakeBasicAuth overflow"
+ "value": "mod_dav crash"
}
]
}
]
},
+ "credit": [
+ {
+ "lang": "eng",
+ "value": "This issue was reported by Ning Zhang & Amin Tora of Neustar"
+ }
+ ],
"description": {
"description_data": [
{
"lang": "eng",
- "value": "A buffer overflow in the mod_ssl FakeBasicAuth code could be exploited by an attacker using a (trusted) client certificate with a subject DN field which exceeds 6K in length."
+ "value": "XML parsing code in mod_dav incorrectly calculates the end of the string when removing leading spaces and places a NUL character outside the buffer, causing random crashes. This XML parsing code is only used with DAV provider modules that support DeltaV, of which the only publicly released provider is mod_dav_svn."
}
]
},
"impact": [
{
- "other": "low"
+ "other": "moderate"
}
],
"affects": {
@@ -8173,69 +8168,159 @@
"version": {
"version_data": [
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.49"
+ "version_value": "2.4.7"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.48"
+ "version_value": "2.4.6"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.47"
+ "version_value": "2.4.4"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.46"
+ "version_value": "2.4.3"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.45"
+ "version_value": "2.4.2"
},
{
- "version_name": "2.0",
+ "version_name": "2.4",
"version_affected": "=",
- "version_value": "2.0.44"
+ "version_value": "2.4.1"
},
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.43"
+ "version_value": "2.2.26"
},
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.42"
+ "version_value": "2.2.25"
},
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.40"
+ "version_value": "2.2.24"
},
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.39"
+ "version_value": "2.2.23"
},
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.37"
+ "version_value": "2.2.22"
},
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.36"
+ "version_value": "2.2.21"
},
{
- "version_name": "2.0",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "2.0.35"
+ "version_value": "2.2.20"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.19"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.18"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.17"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.16"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.15"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.14"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.13"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.12"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.11"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.10"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.9"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.8"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.6"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.5"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.4"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.3"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.2"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.0"
}
]
}
@@ -8257,24 +8342,19 @@
"references": {},
"timeline": [
{
- "time": "2009-12-09",
+ "time": "2004-03-02",
"lang": "eng",
"value": "reported"
},
{
- "time": "2009-12-09",
+ "time": "2004-03-20",
"lang": "eng",
"value": "public"
},
{
- "time": "2010-03-05",
- "lang": "eng",
- "value": "2.2.15 released"
- },
- {
- "time": "2010-10-19",
+ "time": "2005-02-08",
"lang": "eng",
- "value": "2.0.64 released"
+ "value": "2.0.53 released"
}
],
"CNA_private": {
@@ -8284,9 +8364,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2009-12-09",
- "ID": "CVE-2010-0434",
- "TITLE": "Subrequest handling of request headers (mod_headers)"
+ "DATE_PUBLIC": "2004-03-20",
+ "ID": "CVE-2004-1834",
+ "TITLE": "mod_disk_cache stores sensitive headers"
},
"source": {
"defect": [],
@@ -8299,23 +8379,17 @@
"description": [
{
"lang": "eng",
- "value": "Subrequest handling of request headers (mod_headers)"
+ "value": "mod_disk_cache stores sensitive headers"
}
]
}
]
},
- "credit": [
- {
- "lang": "eng",
- "value": "We would like to thank Philip Pickett of VMware for reporting and proposing a fix for this issue."
- }
- ],
"description": {
"description_data": [
{
"lang": "eng",
- "value": "A flaw in the core subrequest process code was fixed, to always provide a shallow copy of the headers_in array to the subrequest, instead of a pointer to the parent request's array as it had for requests without request bodies. This meant all modules such as mod_headers which may manipulate the input headers for a subrequest would poison the parent request in two ways, one by modifying the parent request, which might not be intended, and second by leaving po [...]
+ "value": "The experimental mod_disk_cache module stored client authentication credentials for cached objects such as proxy authentication credentials and Basic Authentication passwords on disk."
}
]
},
@@ -8335,106 +8409,6 @@
"product_name": "Apache HTTP Server",
"version": {
"version_data": [
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.14"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.13"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.12"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.11"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.10"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.9"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.8"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.6"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.5"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.4"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.3"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.2"
- },
- {
- "version_name": "2.2",
- "version_affected": "=",
- "version_value": "2.2.0"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.63"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.61"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.59"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.58"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.55"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.54"
- },
- {
- "version_name": "2.0",
- "version_affected": "=",
- "version_value": "2.0.53"
- },
{
"version_name": "2.0",
"version_affected": "=",
@@ -8535,19 +8509,19 @@
"references": {},
"timeline": [
{
- "time": "2013-08-05",
+ "time": "2016-06-30",
"lang": "eng",
"value": "reported"
},
{
- "time": "2015-06-09",
+ "time": "2016-07-05",
"lang": "eng",
"value": "public"
},
{
- "time": "2015-07-15",
+ "time": "2016-07-05",
"lang": "eng",
- "value": "2.4.16 released"
+ "value": "2.4.23 released"
}
],
"CNA_private": {
@@ -8557,9 +8531,9 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2015-06-09",
- "ID": "CVE-2015-3185",
- "TITLE": "ap_some_auth_required API unusable"
+ "DATE_PUBLIC": "2016-07-05",
+ "ID": "CVE-2016-4979",
+ "TITLE": "TLS/SSL X.509 client certificate auth bypass with HTTP/2"
},
"source": {
"defect": [],
@@ -8572,7 +8546,7 @@
"description": [
{
"lang": "eng",
- "value": "ap_some_auth_required API unusable"
+ "value": "TLS/SSL X.509 client certificate auth bypass with HTTP/2"
}
]
}
@@ -8581,20 +8555,20 @@
"credit": [
{
"lang": "eng",
- "value": "This issue was reported by Ben Reser."
+ "value": "This issue was reported by Erki Aring."
}
],
"description": {
"description_data": [
{
"lang": "eng",
- "value": "A design error in the \"ap_some_auth_required\" function renders the API unusuable in httpd 2.4.x. In particular the API is documented to answering if the request required authentication but only answers if there are Require lines in the applicable configuration. Since 2.4.x Require lines are used for authorization as well and can appear in configurations even when no authentication is required and the request is entirely unrestricted. This could lead to mod [...]
+ "value": "For configurations enabling support for HTTP/2, SSL client certificate validation was not enforced if configured, allowing clients unauthorized access to protected resources over HTTP/2. This issue affected releases 2.4.18 and 2.4.20 only."
}
]
},
"impact": [
{
- "other": "low"
+ "other": "important"
}
],
"affects": {
@@ -8611,67 +8585,119 @@
{
"version_name": "2.4",
"version_affected": "=",
- "version_value": "2.4.12"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.10"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.9"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.7"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.6"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.5"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.4"
- },
- {
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.3"
+ "version_value": "2.4.20"
},
{
"version_name": "2.4",
"version_affected": "=",
- "version_value": "2.4.2"
- },
+ "version_value": "2.4.18"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ },
+ {
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "ID": "CVE-2021-36160",
+ "STATE": "READY",
+ "TITLE": "mod_proxy_uwsgi out of bound read"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
{
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.1"
+ "version_affected": "<=",
+ "version_name": "Apache HTTP Server 2.4",
+ "version_value": "2.4.48"
},
{
- "version_name": "2.4",
- "version_affected": "=",
- "version_value": "2.4.0"
+ "version_affected": "!<",
+ "version_name": "Apache HTTP Server 2.4",
+ "version_value": "2.4.30"
}
]
}
}
]
- }
+ },
+ "vendor_name": "Apache Software Foundation"
}
]
}
- }
+ },
+ "credit": [
+ {
+ "lang": "eng",
+ "value": "LI ZHI XIN from NSFocus Security Team"
+ }
+ ],
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS).\n\nThis issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive)."
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.0.9"
+ },
+ "impact": [
+ {
+ "other": "moderate"
+ }
+ ],
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-125 out of bound read"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "CONFIRM"
+ }
+ ]
+ },
+ "source": {
+ "discovery": "UNKNOWN"
+ },
+ "timeline": [
+ {
+ "lang": "eng",
+ "time": "2021-04-26",
+ "value": "reported"
+ },
+ {
+ "lang": "eng",
+ "time": "2021-09-16",
+ "value": "2.4.49 release"
+ }
+ ]
},
{
"data_type": "CVE",
@@ -8683,19 +8709,19 @@
"references": {},
"timeline": [
{
- "time": "2003-07-04",
+ "time": "2011-12-30",
"lang": "eng",
"value": "reported"
},
{
- "time": "2003-07-18",
+ "time": "2011-11-28",
"lang": "eng",
"value": "public"
},
{
- "time": "2003-07-18",
+ "time": "2012-01-31",
"lang": "eng",
- "value": "1.3.28 released"
+ "value": "2.2.22 released"
}
],
"CNA_private": {
@@ -8705,10 +8731,10 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "2003-07-18",
- "ID": "CVE-2003-0460",
- "TITLE": "RotateLogs DoS"
- },
+ "DATE_PUBLIC": "2011-11-28",
+ "ID": "CVE-2012-0021",
+ "TITLE": "mod_log_config crash"
+ },
"source": {
"defect": [],
"advisory": "",
@@ -8720,7 +8746,7 @@
"description": [
{
"lang": "eng",
- "value": "RotateLogs DoS"
+ "value": "mod_log_config crash"
}
]
}
@@ -8730,13 +8756,13 @@
"description_data": [
{
"lang": "eng",
- "value": "The rotatelogs support program on Win32 and OS/2 would quit logging and exit if it received special control characters such as 0x1A."
+ "value": "A flaw was found in mod_log_config. If the '%{cookiename}C' log format string is in use, a remote attacker could send a specific cookie causing a crash. This crash would only be a denial of service if using a threaded MPM."
}
]
},
"impact": [
{
- "other": "important"
+ "other": "low"
}
],
"affects": {
@@ -8751,89 +8777,29 @@
"version": {
"version_data": [
{
- "version_name": "1.3",
+ "version_name": "2.2",
"version_affected": "=",
- "version_value": "1.3.27"
- },
- {
- "version_name": "1.3",
- "version_affected": "?=",
- "version_value": "1.3.26"
- },
- {
- "version_name": "1.3",
- "version_affected": "?=",
- "version_value": "1.3.24"
- },
- {
- "version_name": "1.3",
- "version_affected": "?=",
- "version_value": "1.3.22"
- },
- {
- "version_name": "1.3",
- "version_affected": "?=",
- "version_value": "1.3.20"
- },
- {
- "version_name": "1.3",
- "version_affected": "?=",
- "version_value": "1.3.19"
- },
- {
- "version_name": "1.3",
- "version_affected": "?=",
- "version_value": "1.3.17"
- },
- {
- "version_name": "1.3",
- "version_affected": "?=",
- "version_value": "1.3.14"
- },
- {
- "version_name": "1.3",
- "version_affected": "?=",
- "version_value": "1.3.12"
- },
- {
- "version_name": "1.3",
- "version_affected": "?=",
- "version_value": "1.3.11"
- },
- {
- "version_name": "1.3",
- "version_affected": "?=",
... 34394 lines suppressed ...