Max CVSS | 6.8 | Min CVSS | 3.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2020-1927 | 5.8 |
In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.
|
25-07-2022 - 18:15 | 02-04-2020 - 00:15 | |
CVE-2020-1934 | 5.0 |
In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.
|
26-04-2022 - 17:05 | 01-04-2020 - 20:15 | |
CVE-2019-10098 | 5.8 |
In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an unexpected URL within the request URL.
|
14-06-2021 - 18:15 | 25-09-2019 - 17:15 | |
CVE-2018-1283 | 3.5 |
In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to forward its session data to CGI applications (SessionEnv on, not the default), a remote user may influence their content by using a "Session" header. This comes from the "HTTP_SESSION
|
06-06-2021 - 11:15 | 26-03-2018 - 15:29 | |
CVE-2018-1303 | 5.0 |
A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of
|
06-06-2021 - 11:15 | 26-03-2018 - 15:29 | |
CVE-2017-15715 | 6.8 |
In Apache httpd 2.4.0 to 2.4.29, the expression specified in <FilesMatch> could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. This could be exploited in environments where uploads of some
|
06-06-2021 - 11:15 | 26-03-2018 - 15:29 |