The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Apache httpd

Apache httpd: infinite loop via mod_ssl OpenSSL 1.1.1 Client Renegotiations
An attacker can trigger an infinite loop via mod_ssl OpenSSL 1.1.1 Client Renegotiations of Apache httpd, in order to trigger a denial of service...
bulletinapr2019, CERTFR-2019-AVI-031, CVE-2019-0190, ibm10872490, SSA:2019-022-01, VIGILANCE-VUL-28331
Apache httpd: privilege escalation via mod_session_cookie Ignored Expiry Time
An attacker can bypass restrictions via mod_session_cookie Ignored Expiry Time of Apache httpd, in order to escalate his privileges...
bulletinapr2019, CERTFR-2019-AVI-031, CVE-2018-17199, DLA-1647-1, DSA-4422-1, HPESBUX03950, ibm10869064, ibm10872490, ibm10876972, openSUSE-SU-2019:0296-1, openSUSE-SU-2019:0305-1, RHSA-2019:4126-01, RHSA-2020:1121-01, SSA:2019-022-01, SUSE-SU-2019:0498-1, SUSE-SU-2019:0504-1, USN-3937-1, VIGILANCE-VUL-28330
Apache httpd: denial of service via mod_http2
An attacker can trigger a fatal error via mod_http2 of Apache httpd, in order to trigger a denial of service...
bulletinapr2019, CERTFR-2019-AVI-031, CVE-2018-17189, DSA-4422-1, HPESBUX03950, ibm10872490, openSUSE-SU-2019:0296-1, openSUSE-SU-2019:0305-1, RHSA-2019:4126-01, SSA:2019-022-01, SUSE-SU-2019:0498-1, SUSE-SU-2019:0504-1, USN-3937-1, VIGILANCE-VUL-28329
Apache httpd: denial of service via HTTP/2 SETTINGS
An attacker can generate a fatal error via HTTP/2 SETTINGS of Apache httpd, in order to trigger a denial of service...
bulletinjan2019, CERTFR-2018-AVI-490, CVE-2018-11763, ibm10735045, openSUSE-SU-2018:3185-1, openSUSE-SU-2018:3713-1, openSUSE-SU-2019:0084-1, openSUSE-SU-2019:1547-1, openSUSE-SU-2019:1814-1, RHSA-2018:3558-01, SUSE-SU-2018:3101-1, SUSE-SU-2018:3572-1, SUSE-SU-2018:3582-1, SUSE-SU-2018:3582-2, USN-3783-1, VIGILANCE-VUL-27316, ZDI-18-1369
Apache httpd: information disclosure via HTTP Response Splitting
An attacker can bypass access restrictions to data via HTTP Response Splitting of Apache httpd, in order to obtain sensitive information...
CVE-2016-4975, openSUSE-SU-2018:2856-1, SUSE-SU-2018:2554-1, SUSE-SU-2018:2815-1, VIGILANCE-VUL-27023
Apache httpd: NULL pointer dereference via mod_md
An attacker can force a NULL pointer to be dereferenced via mod_md of Apache httpd, in order to trigger a denial of service...
bulletinjul2018, CVE-2018-8011, FEDORA-2018-49d3b42425, ibm10720141, openSUSE-SU-2018:2433-1, SSA:2018-199-01, SUSE-SU-2018:2424-1, VIGILANCE-VUL-26781
Apache httpd: denial of service via HTTP/2
An attacker can generate a fatal error via HTTP/2 of Apache httpd, in order to trigger a denial of service...
CVE-2018-1333, ibm10720141, openSUSE-SU-2018:2397-1, openSUSE-SU-2018:2433-1, RHSA-2018:3558-01, SSA:2018-199-01, SUSE-SU-2018:2336-1, SUSE-SU-2018:2424-1, USN-3783-1, VIGILANCE-VUL-26780
Apache httpd: privilege escalation via mod_session CGI Applications
An attacker can bypass restrictions via mod_session CGI Applications of Apache httpd, in order to escalate his privileges...
CVE-2018-1283, DSA-4164-1, FEDORA-2018-375e3244b6, openSUSE-SU-2018:1198-1, RHSA-2018:3558-01, SUSE-SU-2018:0879-1, SUSE-SU-2018:0901-1, USN-3627-1, USN-3627-2, VIGILANCE-VUL-25642
Apache httpd: denial of service via mod_authnz_ldap
An attacker can generate a fatal error via mod_authnz_ldap of Apache httpd, in order to trigger a denial of service...
CVE-2017-15710, DLA-1389-1, DSA-4164-1, FEDORA-2018-375e3244b6, openSUSE-SU-2018:1198-1, RHSA-2018:3558-01, RHSA-2020:1121-01, SUSE-SU-2018:0879-1, SUSE-SU-2018:0901-1, USN-3627-1, USN-3627-2, USN-3937-2, VIGILANCE-VUL-25641
Apache httpd: file reading via FilesMatch Newline
A local attacker can read a file via FilesMatch Newline of Apache httpd, in order to obtain sensitive information...
CVE-2017-15715, DSA-4164-1, FEDORA-2018-375e3244b6, openSUSE-SU-2018:1198-1, RHSA-2018:3558-01, SUSE-SU-2018:0879-1, SUSE-SU-2018:0901-1, USN-3627-1, USN-3627-2, VIGILANCE-VUL-25640
Our database contains other pages. You can request a free trial to read them.

Display information about Apache httpd: