Web Server

Apache HTTP Server

The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows. The goal of this project is to provide a secure efficient and extensible server that provides HTTP services in sync with the current HTTP standards.

Official Site:

https://httpd.apache.org/

Severity Summary:

Critical: 30 High: 84 Medium: 152 Low: 15

Reference

Title

Severity

CVE-2018-17189

Apache HTTP Server Uncontrolled Resource Consumption Vulnerability

Medium

CVE-2011-4317

Apache HTTP Server Improper Input Validation Vulnerability

Medium

CVE-2007-6750

Apache HTTP Server Resource Management Errors Vulnerability

Medium

CVE-2012-1181

Apache HTTP Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability

Medium

CVE-2020-1927

Apache HTTP Server URL Redirection to Untrusted Site (Open Redirect) Vulnerability

Medium

CVE-2020-1934

Apache HTTP Server Use of Uninitialized Resource Vulnerability

Medium

CVE-2022-29404

Apache Denial of service in mod_lua r:parsebody Vulnerability

Medium

CVE-2022-28614

Apache read beyond bounds via ap_rwrite() Vulnerability

Medium

CVE-2007-1862

Apache HTTP Server Other Vulnerability

Medium

CVE-2001-0925

Apache HTTP Server Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability

Medium

CVE-2019-17567

Apache HTTP Server Inconsistent Interpretation of HTTP Requests (HTTP Request Smuggling) Vulnerability

Medium

CVE-2008-2168

Apache HTTP Server Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Medium

CVE-2007-3303

Apache HTTP Server Improper Control of Generation of Code (Code Injection) Vulnerability

Medium

CVE-2007-6203

Apache HTTP Server Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Medium

CVE-2000-1206

Apache HTTP Server Other Vulnerability

Medium

CVE-2007-6514

Apache HTTP Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability

Medium

CVE-1999-0107

Apache HTTP Server Other Vulnerability

Medium

CVE-2007-6422

Apache HTTP Server Resource Management Errors Vulnerability

Medium

CVE-2007-6420

Apache HTTP Server Cross-Site Request Forgery (CSRF) Vulnerability

Medium

CVE-2021-30641

Apache HTTP Server Other Vulnerability

Medium

CVE-1999-0070

Apache HTTP Server Vulnerability

Medium

CVE-2009-3555

Apache HTTP Server Cryptographic Issues Vulnerability

Medium

CVE-2003-1580

Apache HTTP Server Numeric Errors Vulnerability

Medium

CVE-2020-13938

Apache HTTP Server Missing Authorization Vulnerability

Medium

CVE-2010-0010

Apache HTTP Server Numeric Errors Vulnerability

Medium

CVE-2000-0913

Apache HTTP Server Other Vulnerability

Medium

CVE-2007-6421

Apache HTTP Server Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Low

CVE-2011-4415

Apache HTTP Server Improper Input Validation Vulnerability

Low

CVE-2024-36387

Apache HTTP Server: DoS by Null pointer in websocket over HTTP/2

Low

CVE-2008-0456

Apache HTTP Server Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability

Low