ID CVE-2018-17189
Summary In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 (mod_http2) connections.
References
Vulnerable Configurations
  • cpe:2.3:a:apache:http_server:-:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:-:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:0.8.11:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:0.8.11:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:0.8.14:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:0.8.14:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.2:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.2.5:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.2.6:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.2.9:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.2.9:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.4:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.5:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.5:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.6:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.6:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.7:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.7:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.8:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.8:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.9:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.9:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.10:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.10:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.11:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.11:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.12:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.12:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.13:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.13:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.14:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.14:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.15:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.15:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.16:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.16:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.17:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.17:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.18:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.18:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.19:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.19:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.20:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.20:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.22:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.22:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.23:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.23:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.24:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.24:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.25:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.25:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.26:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.26:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.27:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.27:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.28:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.28:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.29:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.29:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.30:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.30:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.31:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.31:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.32:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.32:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.33:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.33:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.34:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.34:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.35:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.35:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.36:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.36:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.37:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.37:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.38:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.38:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.39:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.39:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.41:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.41:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.42:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.42:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.65:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.65:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.3.68:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.3.68:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:1.99:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:1.99:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.9:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.28:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.28:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.28:beta:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.28:beta:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.32:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.32:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.32:beta:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.32:beta:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.34:beta:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.34:beta:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.37:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.37:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.40:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.40:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.41:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.41:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.42:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.42:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.43:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.43:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.44:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.44:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.45:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.45:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.46:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.46:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.47:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.47:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.48:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.48:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.49:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.49:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.50:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.50:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.51:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.51:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.52:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.52:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.53:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.53:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.54:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.54:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.55:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.55:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.56:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.56:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.57:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.57:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.58:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.58:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.59:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.59:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.60:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.60:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.61:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.61:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.63:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.63:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.64:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.64:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.0.65:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.0.65:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.1.5:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.1.6:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.1.7:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.1.8:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.1.8:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.1.9:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.1.9:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.5:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.15-60:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.15-60:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.22:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.22:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.23:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.23:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.24:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.24:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.25:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.25:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.26:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.26:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.27:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.27:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.29:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.29:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.31:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.31:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.32:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.32:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.33:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.33:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.2.34:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.2.34:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.3.4:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.3.5:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.3.5:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.3.6:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.3.6:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.3.7:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.3.7:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.3.8:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.3.8:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.3.9:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.3.9:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.3.10:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.3.10:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.3.11:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.3.11:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.3.12:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.3.12:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.3.13:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.3.13:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.3.14:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.3.14:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.3.15:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.3.15:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.3.16:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.3.16:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.8:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.8:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.12:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.12:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.14:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.14:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.16:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.16:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.19:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.19:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.21:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.21:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.22:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.22:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.24:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.24:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.28:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.28:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.29:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.29:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.30:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.30:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.32:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.32:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.33:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.33:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.34:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.34:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.35:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.35:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.36:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.36:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:http_server:2.4.37:*:*:*:*:*:*:*
    cpe:2.3:a:apache:http_server:2.4.37:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:santricity_cloud_connector:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:santricity_cloud_connector:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 23-07-2019 - 23:15)
Impact:
Exploitability:
CWE CWE-400
CAPEC
  • XML Entity Expansion
    An attacker submits an XML document to a target application where the XML document uses nested entity expansion to produce an excessively large output XML. XML allows the definition of macro-like structures that can be used to simplify the creation of complex structures. However, this capability can be abused to create excessive demands on a processor's CPU and memory. A small number of nested expansions can result in an exponential growth in demands on memory.
  • Regular Expression Exponential Blowup
    An adversary may execute an attack on a program that uses a poor Regular Expression(Regex) implementation by choosing input that results in an extreme situation for the Regex. A typical extreme situation operates at exponential time compared to the input size. This is due to most implementations using a Nondeterministic Finite Automaton(NFA) state machine to be built by the Regex algorithm since NFA allows backtracking and thus more complex regular expressions. The algorithm builds a finite state machine and based on the input transitions through all the states until the end of the input is reached. NFA engines may evaluate each character in the input string multiple times during the backtracking. The algorithm tries each path through the NFA one by one until a match is found; the malicious input is crafted so every path is tried which results in a failure. Exploitation of the Regex results in programs hanging or taking a very long time to complete. These attacks may target various layers of the Internet due to regular expressions being used in validation.
  • XML Ping of the Death
    An attacker initiates a resource depletion attack where a large number of small XML messages are delivered at a sufficiently rapid rate to cause a denial of service or crash of the target. Transactions such as repetitive SOAP transactions can deplete resources faster than a simple flooding attack because of the additional resources used by the SOAP protocol and the resources necessary to process SOAP messages. The transactions used are immaterial as long as they cause resource utilization on the target. In other words, this is a normal flooding attack augmented by using messages that will require extra processing on the target.
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
redhat via4
advisories
  • rhsa
    id RHSA-2019:3932
  • rhsa
    id RHSA-2019:3933
  • rhsa
    id RHSA-2019:3935
  • rhsa
    id RHSA-2019:4126
rpms
  • jbcs-httpd24-apr-0:1.6.3-63.jbcs.el6
  • jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el6
  • jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el6
  • jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el6
  • jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el6
  • jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el6
  • jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el6
  • jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el6
  • jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el6
  • jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el6
  • jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el6
  • jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el6
  • jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el6
  • jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el6
  • jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el6
  • jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el6
  • jbcs-httpd24-curl-0:7.64.1-14.jbcs.el6
  • jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el6
  • jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el6
  • jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el6
  • jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el6
  • jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el6
  • jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el6
  • jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el6
  • jbcs-httpd24-jansson-0:2.11-20.jbcs.el6
  • jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el6
  • jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el6
  • jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el6
  • jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el6
  • jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el6
  • jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el6
  • jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el6
  • jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el6
  • jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el6
  • jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el6
  • jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el6
  • jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el6
  • jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el6
  • jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el6
  • jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el6
  • jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el6
  • jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el6
  • jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el6
  • jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el6
  • jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el6
  • jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el6
  • jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el6
  • jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el6
  • jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el6
  • jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el6
  • jbcs-httpd24-apr-0:1.6.3-63.jbcs.el7
  • jbcs-httpd24-apr-debuginfo-0:1.6.3-63.jbcs.el7
  • jbcs-httpd24-apr-devel-0:1.6.3-63.jbcs.el7
  • jbcs-httpd24-apr-util-0:1.6.1-48.jbcs.el7
  • jbcs-httpd24-apr-util-debuginfo-0:1.6.1-48.jbcs.el7
  • jbcs-httpd24-apr-util-devel-0:1.6.1-48.jbcs.el7
  • jbcs-httpd24-apr-util-ldap-0:1.6.1-48.jbcs.el7
  • jbcs-httpd24-apr-util-mysql-0:1.6.1-48.jbcs.el7
  • jbcs-httpd24-apr-util-nss-0:1.6.1-48.jbcs.el7
  • jbcs-httpd24-apr-util-odbc-0:1.6.1-48.jbcs.el7
  • jbcs-httpd24-apr-util-openssl-0:1.6.1-48.jbcs.el7
  • jbcs-httpd24-apr-util-pgsql-0:1.6.1-48.jbcs.el7
  • jbcs-httpd24-apr-util-sqlite-0:1.6.1-48.jbcs.el7
  • jbcs-httpd24-brotli-0:1.0.6-7.jbcs.el7
  • jbcs-httpd24-brotli-debuginfo-0:1.0.6-7.jbcs.el7
  • jbcs-httpd24-brotli-devel-0:1.0.6-7.jbcs.el7
  • jbcs-httpd24-curl-0:7.64.1-14.jbcs.el7
  • jbcs-httpd24-curl-debuginfo-0:7.64.1-14.jbcs.el7
  • jbcs-httpd24-httpd-0:2.4.37-33.jbcs.el7
  • jbcs-httpd24-httpd-debuginfo-0:2.4.37-33.jbcs.el7
  • jbcs-httpd24-httpd-devel-0:2.4.37-33.jbcs.el7
  • jbcs-httpd24-httpd-manual-0:2.4.37-33.jbcs.el7
  • jbcs-httpd24-httpd-selinux-0:2.4.37-33.jbcs.el7
  • jbcs-httpd24-httpd-tools-0:2.4.37-33.jbcs.el7
  • jbcs-httpd24-jansson-0:2.11-20.jbcs.el7
  • jbcs-httpd24-jansson-debuginfo-0:2.11-20.jbcs.el7
  • jbcs-httpd24-jansson-devel-0:2.11-20.jbcs.el7
  • jbcs-httpd24-libcurl-0:7.64.1-14.jbcs.el7
  • jbcs-httpd24-libcurl-devel-0:7.64.1-14.jbcs.el7
  • jbcs-httpd24-mod_cluster-native-0:1.3.12-9.Final_redhat_2.jbcs.el7
  • jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.12-9.Final_redhat_2.jbcs.el7
  • jbcs-httpd24-mod_jk-ap24-0:1.2.46-22.redhat_1.jbcs.el7
  • jbcs-httpd24-mod_jk-debuginfo-0:1.2.46-22.redhat_1.jbcs.el7
  • jbcs-httpd24-mod_jk-manual-0:1.2.46-22.redhat_1.jbcs.el7
  • jbcs-httpd24-mod_ldap-0:2.4.37-33.jbcs.el7
  • jbcs-httpd24-mod_md-0:2.4.37-33.jbcs.el7
  • jbcs-httpd24-mod_proxy_html-1:2.4.37-33.jbcs.el7
  • jbcs-httpd24-mod_security-0:2.9.2-16.GA.jbcs.el7
  • jbcs-httpd24-mod_security-debuginfo-0:2.9.2-16.GA.jbcs.el7
  • jbcs-httpd24-mod_session-0:2.4.37-33.jbcs.el7
  • jbcs-httpd24-mod_ssl-1:2.4.37-33.jbcs.el7
  • jbcs-httpd24-nghttp2-0:1.39.2-4.jbcs.el7
  • jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-4.jbcs.el7
  • jbcs-httpd24-nghttp2-devel-0:1.39.2-4.jbcs.el7
  • jbcs-httpd24-openssl-1:1.1.1-25.jbcs.el7
  • jbcs-httpd24-openssl-debuginfo-1:1.1.1-25.jbcs.el7
  • jbcs-httpd24-openssl-devel-1:1.1.1-25.jbcs.el7
  • jbcs-httpd24-openssl-libs-1:1.1.1-25.jbcs.el7
  • jbcs-httpd24-openssl-perl-1:1.1.1-25.jbcs.el7
  • jbcs-httpd24-openssl-static-1:1.1.1-25.jbcs.el7
  • httpd24-0:1.1-19.el6
  • httpd24-0:1.1-19.el7
  • httpd24-build-0:1.1-19.el6
  • httpd24-httpd-0:2.4.34-15.el6
  • httpd24-httpd-0:2.4.34-15.el7
  • httpd24-httpd-debuginfo-0:2.4.34-15.el6
  • httpd24-httpd-debuginfo-0:2.4.34-15.el7
  • httpd24-httpd-devel-0:2.4.34-15.el6
  • httpd24-httpd-devel-0:2.4.34-15.el7
  • httpd24-httpd-manual-0:2.4.34-15.el6
  • httpd24-httpd-manual-0:2.4.34-15.el7
  • httpd24-httpd-tools-0:2.4.34-15.el6
  • httpd24-httpd-tools-0:2.4.34-15.el7
  • httpd24-libnghttp2-0:1.7.1-8.el6
  • httpd24-libnghttp2-0:1.7.1-8.el7
  • httpd24-libnghttp2-devel-0:1.7.1-8.el6
  • httpd24-libnghttp2-devel-0:1.7.1-8.el7
  • httpd24-mod_ldap-0:2.4.34-15.el6
  • httpd24-mod_ldap-0:2.4.34-15.el7
  • httpd24-mod_md-0:2.4.34-15.el7
  • httpd24-mod_proxy_html-1:2.4.34-15.el6
  • httpd24-mod_proxy_html-1:2.4.34-15.el7
  • httpd24-mod_session-0:2.4.34-15.el6
  • httpd24-mod_session-0:2.4.34-15.el7
  • httpd24-mod_ssl-1:2.4.34-15.el6
  • httpd24-mod_ssl-1:2.4.34-15.el7
  • httpd24-nghttp2-0:1.7.1-8.el6
  • httpd24-nghttp2-0:1.7.1-8.el7
  • httpd24-nghttp2-debuginfo-0:1.7.1-8.el6
  • httpd24-nghttp2-debuginfo-0:1.7.1-8.el7
  • httpd24-runtime-0:1.1-19.el6
  • httpd24-runtime-0:1.1-19.el7
  • httpd24-scldevel-0:1.1-19.el6
  • httpd24-scldevel-0:1.1-19.el7
  • httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7
  • httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7
  • httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7
  • httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7
  • httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7
  • httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7
  • httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7
  • httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7
  • mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29
  • mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29
  • mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29
  • mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7
  • mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7
  • mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611
  • mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611
  • mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611
  • mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7
  • mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7
  • mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7
  • mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7
  • mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7
  • mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7
refmap via4
bid 106685
bugtraq 20190403 [SECURITY] [DSA 4422-1] apache2 security update
confirm
debian DSA-4422
fedora
  • FEDORA-2019-0300c36537
  • FEDORA-2019-133a8a7cb5
gentoo GLSA-201903-21
misc
mlist
  • [httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
  • [httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
  • [httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
  • [httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
ubuntu USN-3937-1
Last major update 23-07-2019 - 23:15
Published 30-01-2019 - 22:29
Last modified 23-07-2019 - 23:15
Back to Top