Download
| Alert*
oval:org.secpod.oval:def:19500181
There's a null pointer dereference and server-side request forgery flaw in httpd's mod_proxy module, when it is configured to be used as a forward proxy. A crafted packet could be sent on the adjacent network to the forward proxy that could cause a crash, or potentially SSRF via misdirected Unix Dom ... oval:org.secpod.oval:def:4501169 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling For more details about the security issue, including the impact, a CVSS score, acknowle ... oval:org.secpod.oval:def:1601532 A flaw was found in the mod_lua module of httpd. A crafted request body can cause a read to a random memory area due to an uninitialized value in functions called by the parsebody function. The highest treat of this vulnerability is availability. A flaw was found in httpd. The inbound connection is ... oval:org.secpod.oval:def:78536 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling For more details about the security issue, including the impact, a CVSS score, acknowle ... oval:org.secpod.oval:def:89046156 This update for apache2 fixes the following issues: - CVE-2022-22720: HTTP request smuggling due to incorrect error handling . - CVE-2022-22721: possible buffer overflow with very large or unlimited LimitXMLRequestBody . oval:org.secpod.oval:def:121783 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:89046151 This update for apache2 fixes the following issues: - CVE-2022-23943: heap out-of-bounds write in mod_sed . - CVE-2022-22720: HTTP request smuggling due to incorrect error handling . - CVE-2022-22719: use of uninitialized value of in r:parsebody in mod_lua . - CVE-2022-22721: possible buffer overflo ... oval:org.secpod.oval:def:1700890 A flaw was found in the mod_lua module of httpd. A crafted request body can cause a read to a random memory area due to an uninitialized value in functions called by the parsebody function. The highest treat of this vulnerability is availability. A flaw was found in httpd. The inbound connection is ... oval:org.secpod.oval:def:2107667 Oracle Solaris 11 - ( CVE-2022-22720 ) oval:org.secpod.oval:def:2500567 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:1505545 [2.2.15-69.0.3] - core: Simpler connection close logic [CVE-2022-22720][Orabug: 33991577] oval:org.secpod.oval:def:89973 The remote host is missing a patch 152644-16 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:83790 The host is installed with Apache Http Server before 2.4.52 and is prone to a http request smuggling vulnerability. A flaw is present in the application, which fails to handle issues in closing inbound connection. Successful exploitation could allow remote attackers to gain access to sensitive data. oval:org.secpod.oval:def:121800 The Apache HTTP Server is a powerful, efficient, and extensible web server. oval:org.secpod.oval:def:506837 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling For more details about the security issue, including the impact, a CVSS score, acknowle ... oval:org.secpod.oval:def:1505515 [2.4.6-97.0.5.5] - mod_session: save one apr_strtok [Orabug: 33338149][CVE-2021-26690] - replace index.html with Oracle"s index page oracle_index.html [2.4.6-97.5] - Resolves: #2065243 - CVE-2022-22720 httpd: HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier oval:org.secpod.oval:def:89969 The remote host is missing a patch 152643-16 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:89046172 This update for apache2 fixes the following issues: - CVE-2022-23943: heap out-of-bounds write in mod_sed . - CVE-2022-22720: HTTP request smuggling due to incorrect error handling . - CVE-2022-22719: use of uninitialized value of in r:parsebody in mod_lua . - CVE-2022-22721: possible buffer overflo ... oval:org.secpod.oval:def:1505517 httpd [2.4.37-43.0.2.3] - Set vstring per ORACLE_SUPPORT_PRODUCT [Orabug: 29892262] - Replace index.html with Oracle"s index page oracle_index.html [2.4.37-43.3] - Resolves: #2065247 - CVE-2022-22720 httpd:2.4/httpd: HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier oval:org.secpod.oval:def:89046173 This update for apache2 fixes the following issues: - CVE-2022-23943: heap out-of-bounds write in mod_sed . - CVE-2022-22720: HTTP request smuggling due to incorrect error handling . - CVE-2022-22719: use of uninitialized value of in r:parsebody in mod_lua . - CVE-2022-22721: possible buffer overflo ... oval:org.secpod.oval:def:706353 apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server. oval:org.secpod.oval:def:79886 apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server. oval:org.secpod.oval:def:506804 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling For more details about the security issue, including the impact, a CVSS score, acknowle ... oval:org.secpod.oval:def:89047577 This update for apache2 fixes the following issues: - CVE-2022-23943: heap out-of-bounds write in mod_sed . - CVE-2022-22720: HTTP request smuggling due to incorrect error handling . - CVE-2022-22719: use of uninitialized value of in r:parsebody in mod_lua . - CVE-2022-22721: possible buffer overflo ... oval:org.secpod.oval:def:506803 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling For more details about the security issue, including the impact, a CVSS score, acknowle ... oval:org.secpod.oval:def:506808 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: * httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling For more details about the security issue, including the impact, a CVSS score, acknowle ... oval:org.secpod.oval:def:89046164 This update for apache2 fixes the following issues: - CVE-2022-23943: heap out-of-bounds write in mod_sed . - CVE-2022-22720: HTTP request smuggling due to incorrect error handling . - CVE-2022-22719: use of uninitialized value of in r:parsebody in mod_lua . - CVE-2022-22721: possible buffer overflo ... oval:org.secpod.oval:def:97612 [CLSA-2022:1648136177] Fixed CVEs in httpd: CVE-2022-22720, CVE-2022-22721 oval:org.secpod.oval:def:80133 The host is installed with Apple Catalina before 19H1922 or Apple Mac OS 12 before 12.4 or Apple Mac OS before 11.6.6 and is prone to multiple vulnerabilities. A flaw is present in the application, which fails to properly handle a validation issue. On successful exploitation, processing a maliciousl ... oval:org.secpod.oval:def:80148 The host is missing a security update according to Apple advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple issues. Successful exploitation allow attackers to execute arbitrary code, cause denial of service or di ... oval:org.secpod.oval:def:80065 The host is missing a security update according to Apple advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple issues. Successful exploitation allow attackers to execute arbitrary code, cause denial of service or di ... oval:org.secpod.oval:def:80066 The host is missing a security update according to Apple advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple issues. Successful exploitation allow attackers to execute arbitrary code, cause denial of service or di ... |