Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

apache http server 2.4.35 vulnerabilities and exploits

(subscribe to this query)
5.3
CVSSv3
CVE-2018-17189
In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 (mod_http2) connections.
Apache Http Server 2.4.20Apache Http Server 2.4.23Apache Http Server 2.4.25Apache Http Server 2.4.26Apache Http Server 2.4.18Apache Http Server 2.4.17Apache Http Server 2.4.27Apache Http Server 2.4.29Apache Http Server 2.4.28Apache Http Server 2.4.33Apache Http Server 2.4.37Apache Http Server 2.4.30Apache Http Server 2.4.34Apache Http Server 2.4.35Netapp Santricity Cloud Connector -Netapp Storage Automation Store -Fedoraproject Fedora 28Fedoraproject Fedora 29Debian Debian Linux 9.0Oracle Retail Xstore Point Of Service 7.1Oracle Retail Xstore Point Of Service 7.0Oracle Hospitality Guest Access 4.2.0
7.2
CVSSv3
CVE-2019-10097
In Apache HTTP Server 2.4.32-2.4.39, when mod_remoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only b...
Apache Http Server 2.4.33Apache Http Server 2.4.37Apache Http Server 2.4.38Apache Http Server 2.4.34Apache Http Server 2.4.35Oracle Retail Xstore Point Of Service 7.1Oracle Enterprise Manager Ops Center 12.3.3Oracle Enterprise Manager Ops Center 12.4.0Oracle Instantis EnterprisetrackOracle Communications Element Manager 8.2.0Oracle Communications Element Manager 8.1.1Oracle Communications Element Manager 8.1.0Oracle Communications Element Manager 8.0.0Oracle Http Server 12.2.1.4.0Oracle Communications Session Report Manager 8.1.1Oracle Communications Session Report Manager 8.2.0Oracle Communications Session Report Manager 8.2.1Oracle Communications Session Route Manager 8.1.1Oracle Communications Session Route Manager 8.2.0Oracle Communications Session Route Manager 8.2.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionCVE-2006-4304CVE-2023-26603CVE-2024-28327CVE-2023-50363CVE-2024-21905template injectionCVE-2024-3400cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook