Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2017-9798 | 5.0 |
Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2
|
06-06-2021 - 11:15 | 18-09-2017 - 15:29 | |
CVE-2017-7679 | 7.5 |
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.
|
06-06-2021 - 11:15 | 20-06-2017 - 01:29 | |
CVE-2017-9788 | 6.4 |
In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial ke
|
06-06-2021 - 11:15 | 13-07-2017 - 16:29 | |
CVE-2017-3169 | 7.5 |
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port.
|
06-06-2021 - 11:15 | 20-06-2017 - 01:29 | |
CVE-2017-3167 | 7.5 |
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.
|
06-06-2021 - 11:15 | 20-06-2017 - 01:29 |