apache2: Multiple vulnerabilities (CVE-2020-9490, CVE-2020-11984, CVE-2020-11993)ID: oval:org.secpod.oval:def:1801864 | Date: (C)2021-03-15 (M)2024-05-06 |
Class: PATCH | Family: unix |
A specially crafted value for the "Cache-Digest" header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Versions Affected: 2.4.20 to 2.4.43mod_proxy_uwsgi info disclosure and possible RCE. Versions Affected: 2.4.32 to 2.4.44When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Versions Affected: 2.4.20 to 2.4.43
Platform: |
Alpine Linux 3.10 |
Alpine Linux 3.11 |
Alpine Linux 3.12 |
Alpine Linux 3.13 |
Alpine Linux 3.9 |