Max CVSS 7.8 Min CVSS 5.0 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2020-9490 5.0
Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via
06-06-2021 - 11:15 07-08-2020 - 16:15
CVE-2019-9517 7.8
Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so
06-06-2021 - 11:15 13-08-2019 - 21:15
CVE-2020-1934 5.0
In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.
06-06-2021 - 11:15 01-04-2020 - 20:15
CVE-2019-0220 5.0
A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes ('/'), directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions
06-06-2021 - 11:15 11-06-2019 - 21:29
CVE-2019-0215 6.0
In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in mod_ssl when using per-location client certificate verification with TLSv1.3 allowed a client to bypass configured access control restrictions.
06-06-2021 - 11:15 08-04-2019 - 20:29
Back to Top Mark selected
Back to Top