Web Server

Apache HTTP Server

The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows. The goal of this project is to provide a secure efficient and extensible server that provides HTTP services in sync with the current HTTP standards.

Official Site:

https://httpd.apache.org/

Severity Summary:

Critical: 32 High: 96 Medium: 157 Low: 14

Reference

Title

Severity

CVE-2003-1580

Apache HTTP Server Numeric Errors Vulnerability

Medium

CVE-2008-2168

Apache HTTP Server Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Medium

CVE-2007-6203

Apache HTTP Server Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Medium

CVE-2020-13938

Apache HTTP Server Missing Authorization Vulnerability

Medium

CVE-2019-17567

Apache HTTP Server Inconsistent Interpretation of HTTP Requests (HTTP Request Smuggling) Vulnerability

Medium

CVE-2007-1743

Apache HTTP Server Other Vulnerability

Medium

CVE-2018-17189

Apache HTTP Server Uncontrolled Resource Consumption Vulnerability

Medium

CVE-2001-0925

Apache HTTP Server Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability

Medium

CVE-2007-3303

Apache HTTP Server Improper Control of Generation of Code (Code Injection) Vulnerability

Medium

CVE-2007-1862

Apache HTTP Server Other Vulnerability

Medium

CVE-2000-1206

Apache HTTP Server Other Vulnerability

Medium

CVE-2007-6514

Apache HTTP Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability

Medium

CVE-2007-6422

Apache HTTP Server Resource Management Errors Vulnerability

Medium

CVE-2007-6420

Apache HTTP Server Cross-Site Request Forgery (CSRF) Vulnerability

Medium

CVE-2013-5704

Apache HTTP Server Vulnerability

Medium

CVE-2009-3094

Apache HTTP Server NULL Pointer Dereference Vulnerability

Low

CVE-2012-2687

Apache HTTP Server Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Low

CVE-2011-4415

Apache HTTP Server Improper Input Validation Vulnerability

Low

CVE-2008-0456

Apache HTTP Server Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability

Low

CVE-2001-0131

Apache HTTP Server Improper Link Resolution Before File Access (Link Following) Vulnerability

Low

CVE-2003-1581

Apache HTTP Server Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Low

CVE-2007-6421

Apache HTTP Server Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Low

CVE-2004-1834

Apache HTTP Server Other Vulnerability

Low

CVE-2024-36387

Apache HTTP Server: DoS by Null pointer in websocket over HTTP/2

Low

CVE-2004-1387

Apache HTTP Server Other Vulnerability

Low

CVE-2001-1534

Apache HTTP Server Session Fixation Vulnerability

Low

CVE-2012-0021

Apache HTTP Server Improper Input Validation Vulnerability

Low

CVE-2002-1233

Apache HTTP Server Other Vulnerability

Low

CVE-2007-1742

Apache HTTP Server Other Vulnerability

Low