Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Web Server

Apache HTTP Server

The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows. The goal of this project is to provide a secure efficient and extensible server that provides HTTP services in sync with the current HTTP standards.

Official Site:

https://httpd.apache.org/

Severity Summary:

Critical: 36 High: 108 Medium: 165 Low: 14
Reference
Title
Severity
CVE-2024-43204
Apache HTTP Server Server-Side Request Forgery (SSRF) Vulnerability
High
CVE-2024-47252
Apache HTTP Server Improper Neutralization of Escape Meta or Control Sequences Vulnerability
High
CVE-2009-1890
Apache HTTP Server Uncontrolled Resource Consumption Vulnerability
High
CVE-2019-0211
Apache HTTP Server Use After Free Vulnerability
High
CVE-2023-28625
Apache HTTP Server NULL Pointer Dereference Vulnerability
High
CVE-2009-1955
Apache HTTP Server Improper Restriction of Recursive Entity References in DTDs (XML Entity Expansion) Vulnerability
High
CVE-2004-0940
Apache HTTP Server Incorrect Calculation of Buffer Size Vulnerability
High
CVE-2002-1850
Apache HTTP Server Improper Locking Vulnerability
High
CVE-2002-2029
Apache HTTP Server Other Vulnerability
High
CVE-2004-0174
Apache HTTP Server Improper Locking Vulnerability
High
CVE-2024-40898
Apache HTTP Server Server-Side Request Forgery (SSRF) Vulnerability
High
CVE-2004-0747
Apache HTTP Server Incorrect Calculation of Buffer Size Vulnerability
High
CVE-2019-9517
Apache HTTP Server Allocation of Resources Without Limits or Throttling Vulnerability
High
CVE-2021-41773
Apache HTTP Server Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
High
CVE-2025-49630
Apache HTTP Server Reachable Assertion Vulnerability
High
CVE-2023-43622
Apache HTTP Server Uncontrolled Resource Consumption Vulnerability
High
CVE-2024-27316
Apache HTTP Server Allocation of Resources Without Limits or Throttling Vulnerability
High
CVE-2023-31122
Apache HTTP Server Out-of-bounds Read Vulnerability
High
CVE-2023-27522
Apache HTTP Server Inconsistent Interpretation of HTTP Requests (HTTP Request/Response Smuggling) Vulnerability
High
CVE-2006-20001
Apache HTTP Server Out-of-bounds Write Vulnerability
High
CVE-2024-38477
Apache HTTP Server NULL Pointer Dereference Vulnerability
High
CVE-1999-0236
Apache HTTP Server Vulnerability
High
CVE-2021-33193
Apache HTTP Server Other Vulnerability
High
CVE-2025-53020
Apache HTTP Server Missing Release of Memory after Effective Lifetime Vulnerability
High
CVE-2025-49812
Apache HTTP Server Improper Authentication Vulnerability
High
CVE-2002-2272
Apache HTTP Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability
High
CVE-2020-13950
Apache HTTP Server NULL Pointer Dereference Vulnerability
High
CVE-2017-7659
Apache HTTP Server NULL Pointer Dereference Vulnerability
High
CVE-2004-2343
Apache HTTP Server Other Vulnerability
High
CVE-2017-15715
Apache HTTP Server Improper Input Validation Vulnerability
High