Vulnerabilities (CVE)

Filtered by vendor Apache Subscribe
Filtered by product Http Server
Total 322 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-2161 1 Apache 1 Http Server 2025-04-20 5.0 MEDIUM 7.5 HIGH
In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause the server to crash, and each instance continues to crash even for subsequently valid requests.
CVE-2017-9798 2 Apache, Debian 2 Http Server, Debian Linux 2025-04-20 5.0 MEDIUM 7.5 HIGH
Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c.
CVE-2016-0736 1 Apache 1 Http Server 2025-04-20 5.0 MEDIUM 7.5 HIGH
In Apache HTTP Server versions 2.4.0 to 2.4.23, mod_session_crypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation (AES256-CBC by default), hence no selectable or builtin authenticated encryption. This made it vulnerable to padding oracle attacks, particularly with CBC.
CVE-2017-7679 1 Apache 1 Http Server 2025-04-20 7.5 HIGH 9.8 CRITICAL
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.
CVE-2017-9788 6 Apache, Apple, Debian and 3 more 16 Http Server, Mac Os X, Debian Linux and 13 more 2025-04-20 6.4 MEDIUM 9.1 CRITICAL
In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault in other cases resulting in denial of service.
CVE-2016-8743 4 Apache, Debian, Netapp and 1 more 12 Http Server, Debian Linux, Clustered Data Ontap and 9 more 2025-04-20 5.0 MEDIUM 7.5 HIGH
Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in any chain of proxies or interacts with back-end application servers, either through mod_proxy or using conventional CGI mechanisms, and may result in request smuggling, response splitting and cache pollution.
CVE-1999-0236 2 Apache, Illinois 2 Http Server, Ncsa Httpd 2025-04-20 5.0 MEDIUM 7.5 HIGH
ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs.
CVE-2017-9789 1 Apache 1 Http Server 2025-04-20 5.0 MEDIUM 7.5 HIGH
When under stress, closing many connections, the HTTP/2 handling code in Apache httpd 2.4.26 would sometimes access memory after it has been freed, resulting in potentially erratic behaviour.
CVE-2014-3250 3 Apache, Puppet, Redhat 3 Http Server, Puppet, Linux 2025-04-20 4.0 MEDIUM 6.5 MEDIUM
The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information via a revoked certificate when a Puppet master runs with Apache 2.4.
CVE-2014-8109 4 Apache, Canonical, Fedoraproject and 1 more 4 Http Server, Ubuntu Linux, Fedora and 1 more 2025-04-12 4.3 MEDIUM N/A
mod_lua.c in the mod_lua module in the Apache HTTP Server 2.3.x and 2.4.x through 2.4.10 does not support an httpd configuration in which the same Lua authorization provider is used with different arguments within different contexts, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging multiple Require directives, as demonstrated by a configuration that specifies authorization for one group to access a certain directory, and authorization for a second group to access a second directory.
CVE-2014-3583 3 Apache, Apple, Canonical 4 Http Server, Mac Os X, Os X Server and 1 more 2025-04-12 5.0 MEDIUM N/A
The handle_headers function in mod_proxy_fcgi.c in the mod_proxy_fcgi module in the Apache HTTP Server 2.4.10 allows remote FastCGI servers to cause a denial of service (buffer over-read and daemon crash) via long response headers.
CVE-2013-6438 3 Apache, Canonical, Oracle 3 Http Server, Ubuntu Linux, Http Server 2025-04-12 5.0 MEDIUM N/A
The dav_xml_get_cdata function in main/util.c in the mod_dav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service (daemon crash) via a crafted DAV WRITE request.
CVE-2014-0098 3 Apache, Canonical, Oracle 4 Http Server, Ubuntu Linux, Http Server and 1 more 2025-04-12 5.0 MEDIUM N/A
The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation.
CVE-2016-1546 1 Apache 1 Http Server 2025-04-12 4.3 MEDIUM 5.9 MEDIUM
The Apache HTTP Server 2.4.17 and 2.4.18, when mod_http2 is enabled, does not limit the number of simultaneous stream workers for a single HTTP/2 connection, which allows remote attackers to cause a denial of service (stream-processing outage) via modified flow-control windows.
CVE-2016-8740 1 Apache 1 Http Server 2025-04-12 5.0 MEDIUM 7.5 HIGH
The mod_http2 module in the Apache HTTP Server 2.4.17 through 2.4.23, when the Protocols configuration includes h2 or h2c, does not restrict request-header length, which allows remote attackers to cause a denial of service (memory consumption) via crafted CONTINUATION frames in an HTTP/2 request.
CVE-2014-0231 1 Apache 1 Http Server 2025-04-12 5.0 MEDIUM N/A
The mod_cgid module in the Apache HTTP Server before 2.4.10 does not have a timeout mechanism, which allows remote attackers to cause a denial of service (process hang) via a request to a CGI script that does not read from its stdin file descriptor.
CVE-2016-5387 8 Apache, Canonical, Debian and 5 more 21 Http Server, Ubuntu Linux, Debian Linux and 18 more 2025-04-12 6.8 MEDIUM 8.1 HIGH
The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "This mitigation has been assigned the identifier CVE-2016-5387"; in other words, this is not a CVE ID for a vulnerability.
CVE-2014-3581 4 Apache, Canonical, Oracle and 1 more 9 Http Server, Ubuntu Linux, Enterprise Manager Ops Center and 6 more 2025-04-12 5.0 MEDIUM N/A
The cache_merge_headers_out function in modules/cache/cache_util.c in the mod_cache module in the Apache HTTP Server before 2.4.11 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty HTTP Content-Type header.
CVE-2014-0226 4 Apache, Debian, Oracle and 1 more 7 Http Server, Debian Linux, Enterprise Manager Ops Center and 4 more 2025-04-12 6.8 MEDIUM N/A
Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service (heap-based buffer overflow), or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers improper scoreboard handling within the status_handler function in modules/generators/mod_status.c and the lua_ap_scoreboard_worker function in modules/lua/lua_request.c.
CVE-2015-3184 2 Apache, Apple 3 Http Server, Subversion, Xcode 2025-04-12 5.0 MEDIUM N/A
mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read hidden files via the path name.