|Max CVSS||7.8||Min CVSS||5.0||Total Count||2|
|ID||CVSS||Summary||Last (major) update||Published|
Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via
|06-06-2021 - 11:15||07-08-2020 - 16:15|
Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so
|06-06-2021 - 11:15||13-08-2019 - 21:15|
In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.
|06-06-2021 - 11:15||01-04-2020 - 20:15|
A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes ('/'), directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions
|06-06-2021 - 11:15||11-06-2019 - 21:29|
In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in mod_ssl when using per-location client certificate verification with TLSv1.3 allowed a client to bypass configured access control restrictions.
|06-06-2021 - 11:15||08-04-2019 - 20:29|