175.111.88.29
{
"scan_id": 1770475284,
"ip": "175.111.88.29",
"is_ipv4": true,
"is_ipv6": false,
"location": {
"network": "175.111.88.0/22",
"postal_code": "",
"coordinates": {
"latitude": "-6.175",
"longitude": "106.8286"
},
"geo_point": "-6.175, 106.8286",
"locale_code": "en",
"continent": "Asia",
"country_code": "ID",
"country_name": "Indonesia",
"city": ""
},
"location_updated_at": "2026-02-09T12:43:58Z",
"asn": {
"number": "AS45705",
"organization": "Universitas Gadjah Mada",
"country_code": "ID"
},
"asn_updated_at": "0001-01-01T00:00:00Z",
"whois": {
"network": "175.111.88.0/22",
"organization": "PPTIK - UNIVERSITAS GADJAH MADA.",
"descr": "PPTIK - UNIVERSITAS GADJAH MADA.,\nUniversity / Direct Member IDNIC,\nJl. Pancasila, Bulaksumur,\nYogyakarta, 55281,\nDI Yogyakarta",
"_encoding": {
"raw": "BASE64"
}
},
"whois_updated_at": "2024-12-09T11:26:54Z",
"tags": [
{
"name": "is_anonymous_proxy",
"pretty_name": "Anonymous Proxy",
"value": false,
"last_updated_at": "2026-02-09T12:43:58Z"
},
{
"name": "is_cdn",
"pretty_name": "CDN",
"value": false,
"last_updated_at": "2026-02-09T14:45:47Z"
},
{
"name": "is_satellite_provider",
"pretty_name": "Satellite Provider",
"value": false,
"last_updated_at": "2026-02-09T12:43:58Z"
}
],
"hostnames": [
{
"name": "speedtest.ugm.ac.id",
"last_updated_at": "2026-02-09T14:45:47Z"
}
],
"services": [
{
"port": 80,
"protocol": "tcp",
"name": "http",
"version": "2.4.7",
"product": "Apache httpd",
"extra_info": "(Ubuntu)",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:apache:http_server:2.4.7",
"part": "a",
"vendor": "apache",
"product": "http_server",
"version": "2\\.4\\.7",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body": "<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n <script type=\"text/javascript\">!function(){\"use strict\";if(!window.performance){var n=new Date;window.performance={now:function(){return n-new Date}},window.performance.timing||(window.performance.timing={navigationStart:n,domLoading:n},document.onreadystatechange=function(){\"interactive\"===document.readyState?window.performance.timing.domInteractive=window.performance.now():\"complete\"===document.readyState&&(window.performance.timing.domComplete=window.performance.now())})}}();</script>\n <link rel=\"preload\" href=\"https://cdn.ziffstatic.com/jst/zdconsent.js\" as=\"script\">\n <script type=\"text/javascript\">window.zdconsent = window.zdconsent || {'run': [], 'cmd':[], 'useractioncomplete': [], 'analytics':[], 'functional':[], 'social':[] };</script>\n <script type=\"text/javascript\" id=\"zdconsent\" src=\"https://cdn.ziffstatic.com/jst/zdconsent.js\" async=\"true\"></script>\n <link rel=\"preload\" as=\"script\" href=\"https://cdn.ziffstatic.com/pg/speedtest.js\"> <script type=\"text/javascript\" id=\"pogo\" src=\"https://cdn.ziffstatic.com/pg/speedtest.js\" async=\"true\"></script> <link rel=\"preload\" as=\"style\" href=\"https://cdn.ziffstatic.com/pg/speedtest.css\" onload=\"this.onload=null;this.rel='stylesheet'\"> <link rel=\"preload\" as=\"script\" href=\"https://cdn.ziffstatic.com/pg/speedtest.prebid.js\"> <link rel=\"preload\" as=\"script\" href=\"https://securepubads.g.doubleclick.net/tag/js/gpt.js\"/>\n \n <meta charset=\"utf-8\">\n <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0, minimal-ui\">\n <link rel=\"canonical\" href=\"https://www.speedtest.net/server/m\" />\n <link rel=\"alternate\" href=\"https://www.speedtest.net/\" hreflang=\"x-default\"/>\n <script type=\"text/javascript\">\n window.zdconsent.analytics.push(function() {\n (function(e, t, o, n, p, r, i) { e.visitorGlobalObjectAlias = n; e[e.visitorGlobalObjectAlias] = e[e.visitorGlobalObjectAlias] || function() { (e[e.visitorGlobalObjectAlias].q = e[e.visitorGlobalObjectAlias].q || []).push(arguments) } ; e[e.visitorGlobalObjectAlias].l = (new Date).getTime(); r = t.createElement(\"script\"); r.src = o; r.async = true; i = t.getElementsByTagName(\"script\")[0]; i.parentNode.insertBefore(r, i) } )(window, document, \"https://diffuser-cdn.app-us1.com/diffuser/diffuser.js\", \"vgo\"); window.vgo('setAccount', '478502367'); window.vgo('setTrackByDefault', true); window.vgo('process');\n });\n </script>\n <link rel=\"alternate\" href=\"https://www.speedtest.net/ar\" hreflang=\"ar\" />\n <link rel=\"alternate\" href=\"https://www.speedtest.net/de\" hreflang=\"de\" />\n <link rel=\"alternate\" href=\"https://www.speedtest.net/\" hreflang=\"en\" />\n <link rel=\"alternate\" href=\"https://www.speedtest.net/es\" hreflang=\"es\" />\n <link rel=\"alternate\" href=\"https://www.speedtest.net/fr\" hreflang=\"fr\" />\n <link rel=\"alternate\" href=\"https://www.speedtest.net/id\" hreflang=\"id\" />\n <link rel=\"alternate\" href=\"https://www.speedtest.net/it\" hreflang=\"it\" />\n <link rel=\"alternate\" href=\"https://www.speedtest.net/ja\" hreflang=\"ja\" />\n <link rel=\"alternate\" href=\"https://www.speedtest.net/ko\" hreflang=\"ko\" />\n <link rel=\"alternate\" href=\"https://www.speedtest.net/nl\" hreflang=\"nl\" />\n <link rel=\"alternate\" href=\"https://www.speedtest.net/pl\" hreflang=\"pl\" />\n <link rel=\"alternate\" href=\"https://www.speedtest.net/pt\" hreflang=\"pt\" />\n <link rel=\"alternate\" href=\"https://www.speedtest.net/ru\" hreflang=\"ru\" />\n <link rel=\"alternate\" href=\"https://www.speedtest.net/sv\" hreflang=\"sv\" />\n <link rel=\"alternate\" href=\"https://www.speedtest.net/th\" hreflang=\"th\" />\n <link rel=\"alternate\" href=\"https://www.speedtest.net/zh-Hans\" hreflang=\"zh-Hans\" />\n <link rel=\"alternate\" href=\"https://www.speedtest.net/zh-Hant\" hreflang=\"zh-Hant\" />\n \n <script src=\"https://accounts.google.com/gsi/client?hl=en\" async></script>\n <script type=\"text/javascript\" src=\"https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js\" async></script>\n \n <link rel=\"icon\" href=\"/favicon.ico\"><!-- 32×32 -->\n <link rel=\"icon\" href=\"//b.cdnst.net/images/favicons/favicon.svg\" type=\"image/svg+xml\">\n <link rel=\"apple-touch-icon\" href=\"//b.cdnst.net/images/favicons/favicon-180.png\"><!-- 180×180 -->\n <link rel=\"apple-touch-icon-precomposed\" href=\"//b.cdnst.net/images/favicons/favicon-180.png\">\n <link rel=\"manifest\" href=\"//b.cdnst.net/manifest.webmanifest\">\n \n \n <!-- preload small font files -->\n <link rel=\"preload\" as=\"font\" type=\"font/woff2\" crossorigin=\"anonymous\" href=\"/s/fonts/Montserrat-VariableFont_wght-kern-latin.woff2\">\n <link rel=\"preload\" as=\"font\" type=\"font/woff2\" crossorigin=\"anonymous\" href=\"/s/fonts/gaugemono-regular-webfont.woff2\">\n \n <!-- inline critical font-face styles -->\n <style>\n @font-face {\n font-family: \"Montserrat-Fixed\";\n src: url(\"/s/fonts/Montserrat-Regular-kern-latin.woff\") format(\"woff\");\n font-display: swap;\n }\n @font-face {\n font-family: \"Montserrat-Fixed\";\n src: url(\"/s/fonts/Montserrat-Bold-kern-latin.woff\") format(\"woff\");\n font-weight: 700;\n font-display: swap;\n }\n @font-face {\n font-family: \"Montserrat\";\n src: url(\"/s/fonts/Montserrat-VariableFont_wght-kern-latin.woff2\") format(\"woff2-variations\");\n font-weight: 1 999;\n font-display: swap;\n }\n @font-face {\n font-family: \"gauge-mono\";\n src:\n url(\"/s/fonts/gaugemono-regular-webfont.woff2\") format(\"woff2\"),\n url(\"/s/fonts/gaugemono-regular-webfont.woff\") format(\"woff\");\n font-display: swap;\n }\n </style>\n \n <!-- lazy load larger font files -->\n <script>\n if (\"fonts\" in document) {\n Promise.all([\n (new FontFace(\"Montserrat\",\n \"url('/s/fonts/Montserrat-VariableFont_wght-hint-all.woff2') format('woff2-variations')\",\n { \"weight\": \"1 999\" })).load(),\n (new FontFace(\"Montserrat\",\n \"url('/s/fonts/Montserrat-Italic-VariableFont_wght-hint-all.woff2') format('woff2-variations')\",\n { \"style\": \"italic\" })).load(),\n ]).then(function (fonts) {\n fonts.forEach(function (font) {\n document.fonts.add(font);\n });\n });\n }\n </script>\n \n <title>Speedtest by Ookla - The Global Broadband Speed Test</title>\n \n <meta name=\"description\" content=\"Use Speedtest on all your devices with our free desktop and mobile apps.\" />\n <meta name=\"keywords\" lang=\"en\" content=\"ookla,speed,test,speedtest,speed test,bandwidth speed test,internet speed test,broadband speed test,speakeasy,flash,cnet,internet,network,connection,broadband,bandwidth,latency,ping,throughput,download,upload,connection,dsl,adsl,cable,t1,isp,voip,ip,ip address,tcp\" />\n \n <meta property=\"fb:app_id\" content=\"113312902042192\" />\n <meta property=\"og:type\" content=\"website\" />\n <meta property=\"og:title\" content=\"Speedtest by Ookla - The Global Broadband Speed Test\" />\n <meta property=\"og:description\" content=\"Use Speedtest on all your devices with our free desktop and mobile apps.\" />\n <meta property=\"og:site_name\" content=\"Speedtest.net\" />\n <meta property=\"og:url\" content=\"https://www.speedtest.net/server/m\" />\n <meta property=\"og:image\" content=\"https://www.speedtest.net/images/share-logo.png\" />\n <meta property=\"og:image:type\" content=\"image/png\" />\n <meta property=\"og:image:width\" content=\"382\" />\n <meta property=\"og:image:height\" content=\"200\" />\n \n <meta name=\"twitter:card\" content=\"summary_large_image\" />\n <meta name=\"twitter:site\" content=\"@speedtest\" />\n <meta name=\"twitter:title\" content=\"Speedtest by Ookla - The Global Broadband Speed Test\" />\n <meta name=\"twitter:description\" content=\"Use Speedtest on all your devices with our free desktop and mobile apps.\" />\n <meta name=\"twitter:image\" content=\"https://www.speedtest.net/images/share-logo.png\" />\n <meta name=\"twitter:app:id:iphone\" content=\"300704847\" />\n <meta name=\"twitter:app:id:ipad\" content=\"300704847\" />\n <meta name=\"twitter:app:id:googleplay\" content=\"org.zwanoo.android.speedtest\" />\n <meta name=\"google-play-app\" content=\"app-id=org.zwanoo.android.speedtest\" />\n <meta name='apple-itunes-app' content='app-id=300704847, affiliate-data=ct=stnet_smart_app_banner&pt=110176'>\n \n <style>\n .svg-region,\n .nav-mobile-controls {\n display: none;\n }\n \n .svg-icon {\n width: 1em;\n height: 1em;\n }\n \n .svg-icon-speedtest-logo {\n width: 16.083em;\n height: 2em;\n }\n \n .svg-icon-ookla-logo {\n width: 4.733em;\n height: 2em;\n }\n \n .gauge-cache {\n display: none;\n }\n </style>\n \n <link rel=\"stylesheet\" href=\"//b.cdnst.net/styles/main.02e5942a3bd3cca2e97dc1cc471941f6.css\" />\n \n <script type=\"text/javascript\">window.isBlocked = true;</script>\n <script type=\"text/javascript\" src=\"//b.cdnst.net/javascript/ads/ad.js\"></script>\n \n <script>\n window.dataLayer = window.dataLayer || [];\n </script>\n <!-- Google Tag Manager -->\n <script>\n //Load GTM\n window.zdconsent = window.zdconsent || {'run': []};\n window.zdconsent.run.push(function(){\n (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':\n new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],\n j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src=\n '//www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);\n })(window,document,'script','dataLayer','GTM-K7SNBZ');\n });\n </script>\n <!-- End Google Tag Manager -->\n \n \n <link rel=\"dns-prefetch\" href=\"//b.cdnst.net\" /> <script type=\"text/javascript\">\n window.OOKLA = window.OOKLA || {};\n \n window.OOKLA.INIT_DATA = {\"searchString\":\"m\"};\n window.OOKLA.globals = {\"year\":2026,\"jsPaths\":{\"bundle\":\"\\u002Fjavascript\\u002Fspeedtest-main.js?v=505f0cb35448d2c05cc66021e498ce78\",\"bundle.map\":\"\\u002Fjavascript\\u002Fspeedtest-main.js.map?v=92a37ddfd17c78acd9cd07d3a7e43029\"},\"cdnUrl\":\"\\u002F\\u002Fb.cdnst.net\",\"fontCdn\":\"\\u002Fs\",\"bundleUrl\":\"\\u002F\\u002Fb.cdnst.net\",\"hostSubdomain\":\"\",\"configs\":{\"clientConfigOverride\":{},\"linkToSt3\":false,\"ads\":true,\"lifetimeSubscriptionDate\":\"2199-01-01 00:00:00\",\"subscriptions\":[],\"payments\":{\"client\":{\"apiKey\":\"pk_live_KTgd89Iyw9JidRcjj41PBFAD007uzOUJpb\",\"input_style\":{\"base\":{\"color\":\"#ffffff\",\"lineHeight\":\"24px\",\"fontSize\":\"16px\",\"::placeholder\":{\"color\":\"#aab7c4\"}},\"invalid\":{\"color\":\"#ff3366\",\"iconColor\":\"#ff3366\"}}}},\"lowerContent\":true,\"iframes\":true,\"enableAdRecovery\":false,\"hideErrors\":true,\"logErrorsToServer\":false,\"logNetworkErrorsToConsole\":false,\"profileTiming\":false,\"browserSpecific\":{\"chrome\":{\"client\":{\"logErrorsToServer\":{\"allowDuringTest\":true,\"expensiveStackTraces\":false}}},\"edge\":{\"client\":{\"logErrorsToServer\":{\"allowDuringTest\":true,\"expensiveStackTraces\":false}}},\"ie\":{\"client\":{\"logErrorsToServer\":{\"allowDuringTest\":true,\"expensiveStackTraces\":false}}},\"safari\":{\"client\":{\"forcedAnimationInterval\":250}}},\"forceInsecure\":false,\"isMobile\":null,\"loadedLatency\":true,\"showResultsUrlAfterTest\":true,\"connection\":{},\"animationSpeed\":250,\"incrementGap\":80,\"incrementOnSpeed\":80,\"incrementOffSpeed\":80,\"contextualIndicators\":{\"enabled\":true,\"networkScores\":{\"aimMeasurementScoring\":{\"packetLoss\":{\"domain\":[0.01,0.05,0.25,0.5],\"range\":[10,5,0,-10,-20]},\"latency\":{\"domain\":[10,20,50,100,500],\"range\":[20,10,5,0,-10,-20]},\"loadedLatencyIncrease\":{\"domain\":[10,20,50,100,500],\"range\":[20,10,5,0,-10,-20]},\"jitter\":{\"domain\":[10,20,100,500],\"range\":[10,5,0,-10,-20]},\"download\":{\"domain\":[5000000,10000000,50000000,100000000],\"range\":[0,5,10,20,30]},\"upload\":{\"domain\":[5000000,10000000,50000000,100000000],\"range\":[0,5,10,20,30]}},\"aimExperiencesDefs\":{\"streaming\":{\"input\":[\"latency\",\"packetLoss\",\"download\",\"loadedLatencyIncrease\"],\"pointThresholds\":[15,20,40,60]},\"gaming\":{\"input\":[\"latency\",\"packetLoss\",\"loadedLatencyIncrease\"],\"pointThresholds\":[5,15,25,30]},\"rtc\":{\"input\":[\"latency\",\"jitter\",\"packetLoss\",\"loadedLatencyIncrease\"],\"pointThresholds\":[5,15,25,40]}}},\"browsingNetworkScore\":{\"aimMeasurementScoring\":{\"packetLoss\":{\"domain\":[0.005,0.01,0.02,0.03,0.05,0.1],\"range\":[20,17.5,15.5,12,9,6,2]},\"latency\":{\"domain\":[10,15,30,50,100,200],\"range\":[20,17,15,12,9,3.5,0.5]},\"loadedLatencyIncrease\":{\"domain\":[10,20,35,50,60,90,120],\"range\":[10,8,6,4,3,2,1,0.5]},\"jitter\":{\"domain\":[5,15,30,80,100,150],\"range\":[10,8,6,4,2,1.5,1]},\"download\":{\"domain\":[2000000,5000000,15000000,30000000,50000000,80000000,100000000],\"range\":[0,6,15,25,30,34,38,40]}},\"aimExperiencesDefs\":{\"browsing\":{\"input\":[\"download\",\"latency\",\"jitter\",\"packetLoss\",\"loadedLatencyIncrease\"],\"pointThresholds\":[20,40,60,80]}}}},\"downdetector\":{\"showEot\":true,\"internal\":\"https:\\u002F\\u002Fb.cdnst.net\\u002Fapi\\u002Fdowndetector-eot\"},\"performanceDirectory\":{\"showEot\":true,\"api\":{\"placesValidateEndpoint\":\"\\u002Fplaces\\u002Fvalidate\\u002F\"}},\"outages\":[],\"countryCode\":\"DE\",\"householdCarrier\":null,\"provider\":{\"countryCode\":\"DE\",\"ipAddress\":\"138.68.92.168\",\"ispName\":\"DigitalOcean\",\"providerName\":\"DigitalOcean\",\"providerSource\":null,\"ispId\":156928,\"providerHash\":\"3336931e8c20cf090c2549b3daad644ad77508627d732757bd070d23\"},\"connections\":{\"isVpn\":false,\"selectionMethod\":\"auto\",\"mode\":\"multi\"},\"engine\":{\"remoteDebugging\":false,\"maxDisplayServers\":20,\"requestWebLocation\":true,\"shortTests\":false,\"automaticStageProgression\":false,\"eventSkipInterval\":2,\"latency\":{\"maxServers\":10},\"jsEngine\":{\"saveContentType\":\"application\\u002Fjson\",\"saveType\":\"st4-js\"},\"stagesList\":[\"latency\",\"download\",\"upload\",\"save\"],\"loadedLatency\":{\"enabled\":true},\"swf\":{\"engine\":\"\\u002Fengine.swf\",\"express\":\"\\u002FexpressInstall.swf\"}},\"gauge\":{\"enableDrawPeakSpeed\":false,\"optimizeDrawPeakSpeed\":false},\"status\":{\"graphAnimationFrequency\":33.333333333333336,\"latencyUpdateFrequency\":500},\"resultConfigs\":{\"experiments\":{},\"gitSha\":null},\"privacy\":{\"updated\":\"2020-09-01\"},\"layout\":\"standard\"},\"googleClientId\":\"1013234426872-47fuhuu2u89anu0tfkkv1d2prsffuiia.apps.googleusercontent.com\",\"nonceMaxWaitTimeMs\":1500,\"recaptchaPublicKey\":\"6LdPPe4SAAAAAKTUAgnOXnmcuwebVPkwD_0fQxAI\",\"initData\":{},\"show\":false,\"isEUCountry\":true,\"isRUCountry\":false,\"urlRoot\":\"https:\\u002F\\u002Fwww.speedtest.net\",\"st3UrlRoot\":\"http:\\u002F\\u002Flegacy.speedtest.net\",\"secureUrlRoot\":\"https:\\u002F\\u002Fwww.speedtest.net\",\"canonicalUrlRoot\":\"https:\\u002F\\u002Fwww.speedtest.net\",\"canonicalProtocol\":\"https\",\"accessAllowed\":true,\"ip\":\"138.68.92.168\",\"isp\":\"DigitalOcean\",\"providerName\":\"DigitalOcean\",\"ispId\":156928,\"location\":{\"latitude\":50.1169,\"longitude\":8.6837,\"cityName\":\"Frankfurt am Main\",\"countryCode\":\"DE\",\"countryName\":\"Germany\",\"regionCode\":\"HE\",\"regionName\":\"Hesse\",\"placeId\":3436},\"subscriptions\":[{\"name\":\"ad-free\",\"amount\":\"500\",\"application_name\":\"ST4\"}],\"loggedIn\":false,\"supportedLanguages\":{\"ar\":\"ar\",\"de\":\"de\",\"en\":\"en\",\"es\":\"es\",\"fr\":\"fr\",\"id\":\"id\",\"it\":\"it\",\"ja\":\"ja\",\"ko\":\"ko\",\"nl\":\"nl\",\"pl\":\"pl\",\"pt\":\"pt\",\"ru\":\"ru\",\"sv\":\"sv\",\"th\":\"th\",\"zh-Hans\":\"zh-Hans\",\"zh-Hant\":\"zh-Hant\"},\"timezones\":[{\"tzName\":\"HST\",\"translation\":\"UTC-10 Pacific - Honolulu\"},{\"tzName\":\"America\\u002FAnchorage\",\"translation\":\"UTC-9 America - Anchorage\"},{\"tzName\":\"PST8PDT\",\"translation\":\"UTC-8 America - Los Angeles\"},{\"tzName\":\"MST7MDT\",\"translation\":\"UTC-7 America - Denver\"},{\"tzName\":\"America\\u002FPhoenix\",\"translation\":\"UTC-7 America - Phoenix\"},{\"tzName\":\"CST6CDT\",\"translation\":\"UTC-6 America - Chicago\"},{\"tzName\":\"EST5EDT\",\"translation\":\"UTC-5 America - New York\"},{\"tzName\":\"America\\u002FAntigua\",\"translation\":\"UTC-4 America - Antigua\"},{\"tzName\":\"America\\u002FSao_Paulo\",\"translation\":\"UTC-3 America - Sao Paulo\"},{\"tzName\":\"GMT0\",\"translation\":\"GMT\"},{\"tzName\":\"Europe\\u002FLondon\",\"translation\":\"UTC+0 Europe - London\"},{\"tzName\":\"CET\",\"translation\":\"CET\"},{\"tzName\":\"Africa\\u002FJohannesburg\",\"translation\":\"UTC+2 Africa - Johannesburg\"},{\"tzName\":\"Europe\\u002FAthens\",\"translation\":\"UTC+2 Europe - Athens\"},{\"tzName\":\"Africa\\u002FNairobi\",\"translation\":\"UTC+3 Africa - Nairobi\"},{\"tzName\":\"Asia\\u002FTehran\",\"translation\":\"UTC+3:30 Asia - Tehran\"},{\"tzName\":\"Europe\\u002FMoscow\",\"translation\":\"UTC+4 Europe - Moscow\"},{\"tzName\":\"Indian\\u002FMauritius\",\"translation\":\"UTC+4 Indian - Mauritius\"},{\"tzName\":\"Asia\\u002FKabul\",\"translation\":\"UTC+4:30 Asia - Kabul\"},{\"tzName\":\"Asia\\u002FKarachi\",\"translation\":\"UTC+5 Asia - Karachi\"},{\"tzName\":\"Asia\\u002FKolkata\",\"translation\":\"UTC+5:30 Asia - Kolkata\"},{\"tzName\":\"Asia\\u002FOmsk\",\"translation\":\"UTC+7 Asia - Omsk\"},{\"tzName\":\"Asia\\u002FBangkok\",\"translation\":\"UTC+7 Asia - Bangkok\"},{\"tzName\":\"Asia\\u002FHong_Kong\",\"translation\":\"UTC+8 Asia - Hong Kong\"},{\"tzName\":\"Australia\\u002FPerth\",\"translation\":\"UTC+8 Australia - Perth\"},{\"tzName\":\"Asia\\u002FTokyo\",\"translation\":\"UTC+9 Asia - Tokyo\"},{\"tzName\":\"Australia\\u002FSydney\",\"translation\":\"UTC+10 Australia - Sydney\"},{\"tzName\":\"Asia\\u002FVladivostok\",\"translation\":\"UTC+11 Asia - Vladivostok\"},{\"tzName\":\"Pacific\\u002FAuckland\",\"translation\":\"UTC+12 Pacific - Auckland\"}],\"dateFormats\":{\"1\":\"MM\\u002FDD\\u002FYYYY\",\"2\":\"DD.MM.YYYY\",\"3\":\"YYYY-MM-DD\",\"4\":\"DD\\u002FMM\\u002FYYYY\"},\"speedOptions\":{\"megabits\":\"Mbps\",\"kilobits\":\"Kbps\"},\"distanceOptions\":{\"miles\":\"Miles\",\"kilometers\":\"Kilometers\"},\"timeFormats\":{\"1\":\"12-hour\",\"2\":\"24-hour\"},\"userSettings\":{\"timeZone\":\"GMT0\",\"speedUnit\":\"megabits\",\"preferredServer\":0,\"distanceUnit\":\"miles\",\"dateFormat\":1,\"timeFormat\":1},\"hashKeyId\":null,\"surveys\":{\"survey\":{\"questions\":[{\"guid\":\"b6440ced-04cd-4aa3-8c6f-b5a9b0e8d289\",\"questionId\":1,\"questionType\":\"provider_rating\",\"questionLocaleId\":1,\"text\":\"RATE YOUR PROVIDER\",\"options\":[{\"answer_value\":1},{\"answer_value\":2},{\"answer_value\":3},{\"answer_value\":4},{\"answer_value\":5}],\"questionParameters\":{\"providerName\":\"DigitalOcean\"}}]},\"url\":\"https:\\u002F\\u002Fresults.speedtest.net\\u002Freports\"},\"amplify\":{\"aws_project_region\":\"us-west-2\",\"aws_appsync_graphqlEndpoint\":\"https:\\u002F\\u002Fspeedtest-univ-results-api.speedtest.net\\u002Fgraphql\",\"aws_appsync_region\":\"us-west-2\",\"aws_appsync_authenticationType\":\"OPENID_CONNECT\"},\"firebase\":{\"apiKey\":\"AIzaSyDSaO6tE5SQ7J3ZMsKsepon8tNUNy5WA6s\",\"authDomain\":\"ookla-speedtest.firebaseapp.com\",\"databaseURL\":\"https:\\u002F\\u002Fookla-speedtest.firebaseio.com\",\"projectId\":\"ookla-speedtest\",\"storageBucket\":\"ookla-speedtest.appspot.com\",\"messagingSenderId\":\"1013234426872\",\"appId\":\"1:1013234426872:web:e8d8fe7903803fcee2ac0d\",\"measurementId\":\"G-KKLSRK6J1Z\",\"remoteConfigParameters\":{\"enableWebContextualIndicator\":{\"defaultValue\":false,\"maxWaitTime\":1000},\"runSpeedTestOnDesktopWeb\":{\"defaultValue\":\"default\",\"maxWaitTime\":1500}}},\"isTestRunning\":false,\"isTestFinished\":false,\"layoutClass\":\"standard-layout\",\"language\":\"en\",\"langURL\":\"\",\"isDefaultLanguage\":true};\n window.OOKLA.isBlocked = false;\n </script>\n</head>\n<body class=\" standard-layout language-en\">\n <div aria-live=\"assertive\" class=\"overall-progress visuallyhidden\"></div>\n <!-- Google Tag Manager (noscript) -->\n <noscript><iframe src=\"//www.googletagmanager.com/ns.html?id=GTM-K7SNBZ\"\n height=\"0\" width=\"0\" style=\"display:none;visibility:hidden\"></iframe></noscript>\n <!-- End Google Tag Manager (noscript) -->\n <div class=\"svg-region\">\n<svg xmlns=\"http://www.w3.org/2000/svg\" preserveAspectRatio=\"xMinYMin meet\" viewBox=\"0 0 0 0\" style=\"display: none;\">\n\n <!-- new icons from brandfolder -->\n\n <symbol id=\"icon-account-line\" viewBox=\"0 0 24 24\">\n <path d=\"M22.27 22a.73.73 0 0 1-.733-.73v-.48c0-1.337-.83-2.536-2.062-2.976-1.518-.544-4.037-1.193-7.475-1.193s-5.957.65-7.47 1.19c-1.23.44-2.06 1.638-2.06 2.975v.48A.735.735 0 0 1 1 21.27v-.48c0-1.958 1.22-3.707 3.036-4.356 1.622-.583 4.317-1.276 7.964-1.276s6.34.693 7.964 1.276C21.78 17.084 23 18.837 23 20.79v.48c0 .4-.33.73-.73.73M12 2.7c2.425 0 4.4 1.975 4.4 4.4s-1.974 4.4-4.4 4.4-4.4-1.973-4.4-4.4S9.575 2.7 12 2.7m0-1.468a5.87 5.87 0 0 0 0 11.737A5.87 5.87 0 0 0 12 1.23z\"/>\n </symbol>\n\n <symbol id=\"icon-back\" viewBox=\"0 0 44.02 41\">\n <path d=\"M509.32,508.37H471.93l16.45-16.44a1.5,1.5,0,0,0-2.12-2.12l-19,19a1.5,1.5,0,0,0,0,2.12l19,19a1.5,1.5,0,1,0,2.12-2.12l-16.45-16.44h37.39A1.5,1.5,0,1,0,509.32,508.37Z\" transform=\"translate(-466.81 -489.37)\"/>\n </symbol>\n\n <symbol id=\"icon-carrier-general\" viewBox=\"0 0 18 21\">\n <path d=\"M2 11a2 2 0 0 0-2 2v6a2 2 0 1 0 4 0v-6a2 2 0 0 0-2-2ZM16 0a2 2 0 0 0-2 2v17a2 2 0 1 0 4 0V2a2 2 0 0 0-2-2ZM9 5a2 2 0 0 0-2 2v12a2 2 0 1 0 4 0V7a2 2 0 0 0-2-2Z\"/>\n </symbol>\n\n <symbol id=\"icon-connection-3g\" viewBox=\"0 0 35.3 23.58\">\n <path d=\"M328.4,261.53c1.57-.74,2.5-2.78,2.5-5.31,0-4.26-2.88-5.73-6.75-5.73-5.41,0-7,3.3-7,5.57,0,1.34.29,1.79,2.14,1.79,1.54,0,2-.64,2-1.6,0-1.28.77-2.14,2.85-2.14,1.73,0,2.82.7,2.82,2.82,0,2.75-1.34,3.14-2.94,3.14a1.38,1.38,0,0,0-1.25,1.63,1.36,1.36,0,0,0,1.25,1.63c2,0,3.52.67,3.52,3V267c0,2.43-1,3.46-3.42,3.46-2,0-3.33-.9-3.33-2.34,0-1-.45-1.47-2.14-1.47-1.44,0-2,.35-2,1.63,0,2.59,2.11,5.82,7.36,5.82,4.22,0,7.68-2,7.68-7.1v-0.61A4.77,4.77,0,0,0,328.4,261.53Zm22.22-.41h-5.44c-0.83,0-1.28,1.07-1.28,1.87s0.45,2.19,1.28,2.19h2.59v1.57c0,2.5-1.28,3.68-3.36,3.68s-3.56-1.18-3.56-3.68v-8.93c0-2.5,1.45-3.68,3.6-3.68,2.72,0,3.23,1.66,3.33,3.17,0,1,1,1.31,2.08,1.31,1.38,0,2.08-.38,2.08-2,0-3.84-3.23-6.14-7.65-6.14-4.06,0-7.44,2-7.44,7.33v8.93c0,5.34,3.34,7.33,7.57,7.33s7.52-2,7.52-7.33v-4.28A1.28,1.28,0,0,0,350.62,261.12Z\" transform=\"translate(-316.63 -250.49)\"/>\n </symbol>\n\n <symbol id=\"icon-connection-4g\" viewBox=\"0 0 35.23 24.15\">\n <path d=\"M355.88,209.63h-5.44c-0.83,0-1.28,1.07-1.28,1.87s0.45,2.19,1.28,2.19H353v1.57c0,2.5-1.28,3.68-3.36,3.68s-3.56-1.18-3.56-3.68v-8.93c0-2.5,1.45-3.68,3.6-3.68,2.72,0,3.23,1.66,3.33,3.17,0,1,1,1.31,2.08,1.31,1.38,0,2.08-.38,2.08-2,0-3.84-3.23-6.14-7.65-6.14-4.06,0-7.44,2-7.44,7.33v8.93c0,5.34,3.34,7.33,7.57,7.33s7.52-2,7.52-7.33V211A1.28,1.28,0,0,0,355.88,209.63Zm-19.17,3.06h-1.57v-3.19c0-.93-1-1.31-2-1.31s-2,.38-2,1.31v3.22h-3.81l6.14-12.15a1.3,1.3,0,0,0,.16-0.54c0-1-1.34-1.6-2.08-1.6a1.87,1.87,0,0,0-1.76,1.09l-7.58,14.91a1.71,1.71,0,0,0-.22.83,1.36,1.36,0,0,0,1.41,1.47h7.75v3.77c0,0.86,1,1.31,2,1.31s2-.45,2-1.31v-3.77h1.57c0.67,0,1.31-1,1.31-2S337.58,212.68,336.71,212.68Z\" transform=\"translate(-321.96 -198.42)\"/>\n </symbol>\n\n <symbol id=\"icon-connection-5g\" viewBox=\"0 0 35.36 23.89\">\n <path d=\"M344.5,328.27h-5.44c-0.83,0-1.28,1.07-1.28,1.87s0.45,2.19,1.28,2.19h2.59v1.57c0,2.5-1.28,3.68-3.36,3.68s-3.56-1.18-3.56-3.68V325c0-2.5,1.45-3.68,3.6-3.68,2.72,0,3.23,1.66,3.33,3.17,0,1,1,1.31,2.08,1.31,1.38,0,2.08-.38,2.08-2,0-3.84-3.23-6.14-7.65-6.14-4.06,0-7.44,2-7.44,7.33v8.93c0,5.34,3.34,7.33,7.57,7.33s7.52-2,7.52-7.33v-4.28A1.28,1.28,0,0,0,344.5,328.27Zm-26.57-1.85h-2.46l0.38-5.13h7.2c0.83,0,1.25-1,1.25-2s-0.42-2-1.25-2H313.2c-0.48,0-.74.51-0.8,1.31l-0.83,8.72c0,0.29,0,.58,0,0.83,0,1,.35,2.09,1.66,2.09h4.73c2.08,0,3.36.69,3.36,3.12V334c0,2.43-1.28,3.55-3.39,3.55-1.86,0-3.3-.86-3.3-2.43,0-.9-0.32-1.6-2.08-1.6-1.31,0-2.08.42-2.08,1.89,0,3,2.66,5.79,7.55,5.79,4.13,0,7.45-2,7.45-7.2v-0.61C325.45,328.39,322.16,326.42,317.93,326.42Z\" transform=\"translate(-310.45 -317.34)\"/>\n </symbol>\n\n <symbol id=\"icon-connection-lte-plus\" viewBox=\"0 0 59 21\">\n <path d=\"M326.31,396.4h-6v-15a2,2,0,0,0-4,0v17a2,2,0,0,0,2,2h8A2,2,0,1,0,326.31,396.4Zm28-13a2,2,0,1,0,0-4h-8a2,2,0,0,0-2,2v17a2,2,0,0,0,2,2h8a2,2,0,1,0,0-4h-6v-5h3.25a1.76,1.76,0,0,0,1.75-1.75v-0.49a1.76,1.76,0,0,0-1.75-1.75h-3.25v-4h6Zm-15-4h-10a2,2,0,0,0,0,4h3v15.13a1.88,1.88,0,0,0,1.87,1.87h0.26a1.88,1.88,0,0,0,1.87-1.87V383.4h3A2,2,0,1,0,339.31,379.4Zm34,8h-4v-4a2,2,0,0,0-4,0v4h-4a2,2,0,0,0,0,4h4v4a2,2,0,0,0,4,0v-4h4A2,2,0,1,0,373.31,387.4Z\" transform=\"translate(-316.31 -379.4)\"/>\n </symbol>\n\n <symbol id=\"icon-connection-lte\" viewBox=\"0 0 42 23\">\n <g transform=\"scale(1.4) translate(-3.5, -3.5)\">\n <path d=\"M329.58,166.51h-7v-17a2,2,0,0,0-4,0v19a2,2,0,0,0,2,2h9A2,2,0,0,0,329.58,166.51Zm29,0h-7v-6h4.25a1.76,1.76,0,0,0,1.75-1.75v-0.49a1.76,1.76,0,0,0-1.75-1.75h-4.25v-5h7a2,2,0,0,0,0-4h-9a2,2,0,0,0-2,2v19a2,2,0,0,0,2,2h9A2,2,0,0,0,358.58,166.51Zm-16-19h-10a2,2,0,0,0,0,4h3v17.13a1.88,1.88,0,0,0,1.87,1.87h0.26a1.88,1.88,0,0,0,1.87-1.87V151.51h3A2,2,0,0,0,342.58,147.51Z\" transform=\"translate(-318.58 -147.51)\"/>\n </g>\n </symbol>\n\n <svg xmlns=\"http://www.w3.org/2000/svg\" id=\"ic_lan\" viewBox=\"0 0 24 24\">\n <g transform=\"scale(1.4) translate(-3.5, -3.5)\">\n <path fill-rule=\"evenodd\" d=\"M7.558 9.5v-.25a.654.654 0 0 1 .463 1.116L6.332 12.06l1.69 1.698.003.003a.654.654 0 0 1-.924.924l-.004-.003-2.157-2.157a.654.654 0 0 1 0-.925l2.153-2.15a.65.65 0 0 1 .462-.199l.003.25Zm8.884 5.111v.25a.654.654 0 0 1-.463-1.115l1.688-1.696-1.69-1.697-.004-.003a.654.654 0 0 1 .925-.925l.003.003 2.158 2.158a.654.654 0 0 1 0 .924l-2.152 2.152a.65.65 0 0 1-.462.2l-.003-.25Zm-4.625-3.538c-.547 0-1 .435-1 .983s.453.982 1 .982c.546 0 1-.434 1-.982a.992.992 0 0 0-1-.983Z\" clip-rule=\"evenodd\"/>\n <path fill-rule=\"evenodd\" d=\"M9.25 11.073a1 1 0 1 0 0 2 1 1 0 0 0 0-2Zm5.067 0c-.547 0-1 .435-1 .983s.453.982 1 .982c.546 0 1-.434 1-.982a.992.992 0 0 0-1-.983Z\" clip-rule=\"evenodd\"/>\n </g>\n </svg>\n\n <svg xmlns=\"http://www.w3.org/2000/svg\" id=\"ic_fiveg\" viewBox=\"0 0 24 24\">\n <g transform=\"scale(1.4) translate(-3.5, -3.5)\">\n <path fill-rule=\"evenodd\" d=\"M8.114 10.81H7.087l.158-2.14h3.006c.346 0 .521-.418.521-.835 0-.418-.175-.835-.521-.835H6.139c-.2 0-.308.213-.334.546l-.346 3.64v.346c0 .418.146.872.693.872h1.974c.868 0 1.402.289 1.402 1.302v.268c0 1.014-.534 1.481-1.414 1.481-.776 0-1.378-.358-1.378-1.014 0-.375-.133-.668-.868-.668-.546 0-.868.176-.868.79 0 1.252 1.11 2.416 3.151 2.416 1.724 0 3.11-.834 3.11-3.005v-.254c-.009-2.087-1.382-2.91-3.147-2.91m11.089.772h-2.27c-.347 0-.535.447-.535.78 0 .335.188.914.534.914h1.081v.656c0 1.043-.534 1.536-1.402 1.536-.868 0-1.486-.493-1.486-1.536v-3.715c0-1.043.606-1.536 1.502-1.536 1.136 0 1.349.693 1.39 1.324 0 .417.418.546.868.546.577 0 .868-.159.868-.834 0-1.603-1.347-2.562-3.193-2.562-1.694 0-3.104.833-3.104 3.059v3.726c0 2.23 1.393 3.06 3.16 3.06 1.764 0 3.137-.835 3.137-3.06v-1.786a.535.535 0 0 0-.55-.572\" clip-rule=\"evenodd\"/>\n </g>\n </svg>\n\n <svg xmlns=\"http://www.w3.org/2000/svg\" id = \"ic_threeg\" viewBox=\"0 0 24 24\">\n <g transform=\"scale(1.4) translate(-3.5, -3.5)\">\n <path fill-rule=\"evenodd\" clip-rule=\"evenodd\" d=\"M19.3825 11.5048H17.0791C16.728 11.5048 16.5369 11.9579 16.5369 12.2962C16.5369 12.6353 16.728 13.2235 17.0791 13.2235H18.1756V13.8882C18.1756 14.9465 17.6341 15.4462 16.7535 15.4462C15.8729 15.4462 15.2457 14.9465 15.2457 13.8882V10.1075C15.2457 9.04856 15.8602 8.54952 16.7705 8.54952C17.9222 8.54952 18.1381 9.25172 18.1798 9.89163C18.1798 10.3149 18.6031 10.4459 19.0604 10.4459C19.6451 10.4459 19.9417 10.2852 19.9417 9.59999C19.9417 7.97402 18.5734 7 16.7025 7C14.9838 7 13.5525 7.84661 13.5525 10.1033V13.884C13.5525 16.1449 14.9668 16.9873 16.7577 16.9873C18.5486 16.9873 19.9417 16.1407 19.9417 13.884V12.0718C19.9559 11.7731 19.7244 11.5197 19.4257 11.5048C19.4115 11.5041 19.3974 11.5041 19.3825 11.5048ZM9.97487 11.6784C10.6396 11.3655 11.0331 10.5012 11.0331 9.43019C11.0331 7.62655 9.81419 7.00434 8.17548 7.00434C5.88483 7.00434 5.21165 8.40096 5.21165 9.36294C5.21165 9.92924 5.33482 10.1204 6.11772 10.1204C6.76966 10.1204 6.96503 9.84925 6.96503 9.44293C6.96503 8.90071 7.29065 8.53687 8.17123 8.53687C8.90387 8.53687 9.3654 8.83346 9.3654 9.73033C9.3654 10.8955 8.79769 11.0604 8.12027 11.0604C7.7989 11.0852 7.55822 11.3662 7.583 11.6876C7.58441 11.7088 7.58724 11.7293 7.59149 11.7506C7.52708 12.062 7.72882 12.3664 8.04028 12.4301C8.06647 12.4351 8.09337 12.4386 8.12027 12.44C8.96758 12.44 9.61103 12.7246 9.61103 13.7106V13.9945C9.61103 15.023 9.18773 15.4591 8.16274 15.4591C7.31613 15.4591 6.75267 15.0782 6.75267 14.4688C6.75267 14.0448 6.56226 13.8466 5.84661 13.8466C5.23713 13.8466 5 13.9945 5 14.536C5 15.6325 5.89332 17.0001 8.11602 17.0001C9.90267 17.0001 11.3679 16.1535 11.3679 13.9945V13.7354C11.4302 12.8117 10.8562 11.9629 9.97487 11.6784Z\"/>\n </g>\n </svg>\n\n <svg xmlns=\"http://www.w3.org/2000/svg\" id=\"ic_cellular\" viewBox=\"0 0 24 24\">\n <g transform=\"scale(1.4) translate(-3.5, -3.5)\">\n <path fill-rule=\"evenodd\" d=\"M11.704 7.891c-.638 0-1.156.518-1.156 1.157v6.939a1.156 1.156 0 1 0 2.313 0V9.048c0-.639-.518-1.157-1.157-1.157M15.752 5c-.639 0-1.156.518-1.156 1.157v9.83a1.156 1.156 0 1 0 2.313 0v-9.83c0-.639-.518-1.157-1.156-1.157m-8.097 6.36c-.638 0-1.156.519-1.156 1.158v3.469a1.156 1.156 0 1 0 2.313 0v-3.47c0-.638-.518-1.156-1.157-1.156\" clip-rule=\"evenodd\"/>\n </g>\n </svg>\n\n <svg xmlns=\"http://www.w3.org/2000/svg\" id=\"ic_lte\" viewBox=\"0 0 24 24\">\n <g transform=\"scale(1.4) translate(-3.5, -3.5)\">\n <path fill-rule=\"evenodd\" d=\"M12.761 8h-3.81a.762.762 0 0 0 0 1.524h1.143v5.763c.002.393.32.711.713.713h.099a.716.716 0 0 0 .712-.713V9.524h1.143a.762.762 0 0 0 0-1.524Zm5.715 1.524a.762.762 0 0 0 0-1.524h-3.048a.762.762 0 0 0-.762.762v6.476c0 .42.341.762.762.762h3.047a.762.762 0 0 0 0-1.524H16.19v-1.904h1.238a.67.67 0 0 0 .667-.667v-.187a.67.67 0 0 0-.667-.667H16.19V9.527h2.285v-.003ZM7.809 14.476H5.523V8.762a.762.762 0 0 0-1.523 0v6.476c0 .42.34.762.762.762h3.047a.762.762 0 0 0 0-1.524Z\" clip-rule=\"evenodd\"/>\n </g>\n </svg>\n\n <symbol id=\"icon-delete\" viewBox=\"0 0 40.93 44\">\n <path d=\"M511.84,432.07H474a1.53,1.53,0,1,0,0,3.07h37.86A1.53,1.53,0,1,0,511.84,432.07ZM490.35,429h5.12a1.53,1.53,0,1,0,0-3.07h-5.12A1.53,1.53,0,0,0,490.35,429ZM509,438.2a1.54,1.54,0,0,0-1.74,1.3l-3.34,23.4a4.63,4.63,0,0,1-4.56,4H486.45a4.63,4.63,0,0,1-4.56-4l-3.34-23.4a1.54,1.54,0,1,0-3,.43l3.34,23.4a7.72,7.72,0,0,0,7.6,6.6h12.89a7.72,7.72,0,0,0,7.6-6.6l3.34-23.4A1.54,1.54,0,0,0,509,438.2Z\" transform=\"translate(-472.44 -425.93)\"/>\n </symbol>\n\n <symbol id=\"icon-download\" viewBox=\"0 0 24.01 23.99\">\n <path d=\"M12 0a12 12 0 1 0 12 12A12 12 0 0 0 12 0Zm0 22a10 10 0 1 1 10-10 10 10 0 0 1-9.98 10Zm5-11a1 1 0 0 0-.71.29l-3.3 3.3V7a1 1 0 0 0-2 0v7.59L7.74 11.3a1.004 1.004 0 1 0-1.42 1.42l5 5a1 1 0 0 0 1.42 0l5-5a1 1 0 0 0-.72-1.72Z\"/>\n </symbol>\n\n <symbol id=\"icon-expand-glyph\" viewBox=\"0 0 22.03 13.03\">\n <path d=\"M537.65,692.65l7.57-7.57,7.57,7.57a2,2,0,1,0,2.86-2.86l-9-9a2,2,0,0,0-2.86,0l-9,9A2,2,0,0,0,537.65,692.65Z\" transform=\"translate(-534.21 -680.21)\"/>\n </symbol>\n\n <symbol id=\"icon-gauge-tiny\" viewBox=\"0 0 24 20.49\">\n <path d=\"M72.76,719.25a12,12,0,1,0-17,0l1.71-1.71a9.59,9.59,0,1,1,13.55,0Z\" transform=\"translate(-52.27 -698.76)\"/>\n <polygon points=\"11.72 14.41 9.59 12.28 16.41 6.31 17.69 7.59 11.72 14.41\"/>\n </symbol>\n\n <symbol id=\"icon-isp-wifi\" viewBox=\"0 0 29.51 22\">\n <path d=\"M135.92,49.19a22.23,22.23,0,0,0-28.09,0,2,2,0,0,0-.12,2.94h0a2,2,0,0,0,1.41.58,2.09,2.09,0,0,0,1.32-.47,18.19,18.19,0,0,1,22.88,0,2.09,2.09,0,0,0,1.32.47,2,2,0,0,0,1.41-.58h0A2,2,0,0,0,135.92,49.19Zm-5.86,5.61a14.15,14.15,0,0,0-16.36,0,2,2,0,0,0-.24,3,2,2,0,0,0,1.43.59,1.9,1.9,0,0,0,1.11-.35,10.11,10.11,0,0,1,11.74,0,1.9,1.9,0,0,0,1.11.35,2,2,0,0,0,1.43-.59A2,2,0,0,0,130.05,54.79Zm-8.18,5.4a6,6,0,0,0-3.38,1,1,1,0,0,0-.11,1.51l3.49,3.47,3.49-3.47a1,1,0,0,0-.11-1.51A6,6,0,0,0,121.87,60.19Z\" transform=\"translate(-107.11 -44.19)\"/>\n </symbol>\n\n <symbol id=\"icon-location-fill\" viewBox=\"0 0 23.44 29.01\">\n <path d=\"M514.3,617a11.51,11.51,0,0,0-16.57,0,12.23,12.23,0,0,0,0,17l8.29,8.5,8.29-8.5A12.23,12.23,0,0,0,514.3,617ZM506,628.7a3.45,3.45,0,1,1,3.45-3.45A3.45,3.45,0,0,1,506,628.7Z\" transform=\"translate(-494.29 -613.5)\"/>\n </symbol>\n\n <symbol id=\"icon-location-find\" viewBox=\"0 0 32.98 32.97\">\n <path d=\"M321.9,381.11a2,2,0,0,0-2.23-.41l-29,13a2,2,0,0,0,.82,3.82h14v14a2,2,0,0,0,1.58,2,2,2,0,0,0,.42,0,2,2,0,0,0,1.82-1.18l13-29A2,2,0,0,0,321.9,381.11Z\" transform=\"translate(-289.5 -380.52)\"/>\n </symbol>\n\n <symbol id=\"icon-location-outline\" viewBox=\"0 0 22.33 29.01\">\n <path d=\"M564.28,619.79a11,11,0,0,0-15.79,0,11.66,11.66,0,0,0-.68,15.42l8.14,10a0.55,0.55,0,0,0,.86,0l8.14-10A11.66,11.66,0,0,0,564.28,619.79Zm-0.62,14.37-7.28,9-7.28-9a9.93,9.93,0,0,1,.58-13.2,9.29,9.29,0,0,1,13.39,0A9.93,9.93,0,0,1,563.67,634.16Zm-7.28-8.8a2.23,2.23,0,1,0,2.23,2.23A2.23,2.23,0,0,0,556.39,625.37Z\" transform=\"translate(-545.23 -616.44)\"/>\n </symbol>\n\n <symbol id=\"icon-ping\" viewBox=\"0 0 24.01 23.99\">\n <path d=\"M6.24 10.6a1 1 0 0 0 .77.39h10a1 1 0 0 0 0-2H8.93l3.06-3.06a1 1 0 1 0-1.41-1.41L6.04 9.06a1 1 0 0 0 0 1.41 1 1 0 0 0 .2.13ZM12-.01a12 12 0 1 0 12 12 12 12 0 0 0-12-12Zm0 22a10 10 0 1 1 10-10 10 10 0 0 1-9.98 10Zm5.74-8.61a1 1 0 0 0-.77-.39h-10a1 1 0 1 0 0 2h8.09L12 18.05a1 1 0 1 0 1.41 1.41l4.54-4.54a1 1 0 0 0 0-1.41 1 1 0 0 0-.21-.13Z\"/>\n </symbol>\n\n <symbol id=\"icon-rating-fill\" viewBox=\"0 0 53.57 52\">\n <path d=\"M492.91,345.58a2.1,2.1,0,0,0-2,1.53L486,363.58H468.1a2,2,0,0,0-1.21,3.59l14.51,11.3-4.92,16.31a2.16,2.16,0,0,0,2.05,2.8,2.08,2.08,0,0,0,1.27-.44l13.11-9.94,13.1,9.94a2.09,2.09,0,0,0,1.27.44,2.17,2.17,0,0,0,2.05-2.81l-4.92-16.3,14.51-11.3a2,2,0,0,0-1.21-3.58H499.85l-4.9-16.47a2.1,2.1,0,0,0-2-1.53h0Z\" transform=\"translate(-466.12 -345.58)\"/>\n </symbol>\n\n <symbol id=\"icon-rating-outline\" viewBox=\"0 0 53.57 52\">\n <path d=\"M492.91,274.34l4.31,14.46a2,2,0,0,0,1.9,1.43h15.69l-12.75,9.94a2,2,0,0,0-.68,2.16l4.38,14.5L494.1,308a2,2,0,0,0-2.39,0l-11.65,8.83,4.38-14.5a2,2,0,0,0-.68-2.16L471,290.23H486.7a2,2,0,0,0,1.9-1.43l4.31-14.46m0-5.11a2.1,2.1,0,0,0-2,1.53L486,287.23H468.1a2,2,0,0,0-1.21,3.59l14.51,11.3-4.92,16.31a2.16,2.16,0,0,0,2.05,2.8,2.08,2.08,0,0,0,1.27-.44l13.11-9.94,13.1,9.94a2.09,2.09,0,0,0,1.27.44,2.17,2.17,0,0,0,2.05-2.81l-4.92-16.3,14.51-11.3a2,2,0,0,0-1.21-3.58H499.85l-4.9-16.47a2.1,2.1,0,0,0-2-1.53h0Z\" transform=\"translate(-466.12 -269.23)\"/>\n </symbol>\n\n <symbol id=\"icon-ring\" viewBox=\"0 0 64 64\">\n <path d=\"M32 0a32 32 0 1 0 32 32A32 32 0 0 0 32 0Zm0 61a29 29 0 1 1 29-29 29 29 0 0 1-29 29Z\"/>\n </symbol>\n\n <symbol id=\"icon-search\" viewBox=\"0 0 33.98 33.98\">\n <path d=\"M575.15,746.45l-8.58-8.58a14,14,0,1,0-2.21,2.21l8.58,8.58A1.57,1.57,0,0,0,575.15,746.45Zm-19.52-6.31a11,11,0,1,1,11-11A11,11,0,0,1,555.63,740.14Z\" transform=\"translate(-541.63 -715.14)\"/>\n </symbol>\n\n <symbol id=\"icon-selection-glyph\" viewBox=\"0 0 10.98 19.02\">\n <path d=\"M502.65,696.24a1.49,1.49,0,0,1-1.06-.44,1.5,1.5,0,0,1,0-2.12l6.92-6.95-6.92-6.95a1.5,1.5,0,0,1,2.12-2.12l8,8a1.5,1.5,0,0,1,0,2.12l-8,8A1.49,1.49,0,0,1,502.65,696.24Z\" transform=\"translate(-501.15 -677.21)\"/>\n </symbol>\n\n <symbol id=\"icon-internet\" viewBox=\"0 0 24 24\">\n <path d=\"M12 1C5.94 1 1 5.94 1 12s4.94 11 11 11 11-4.94 11-11S18.06 1 12 1zm9.444 10.247H16.99c-.11-3.487-.86-6.44-2.042-8.26 3.542 1.18 6.177 4.398 6.496 8.26zM12 21.444c-1.557 0-3.273-3.646-3.432-8.69h6.924c-.22 5.043-1.935 8.69-3.492 8.69zM8.568 11.247c.16-5.043 1.875-8.69 3.432-8.69s3.273 3.647 3.432 8.69H8.568zm.48-8.262C7.863 4.812 7.115 7.76 7.005 11.197H2.55c.325-3.812 2.96-7.03 6.497-8.212zm-6.492 9.768H7.01c.11 3.487.86 6.385 2.04 8.212-3.54-1.133-6.175-4.35-6.494-8.212zm12.397 8.26c1.183-1.825 1.93-4.773 2.04-8.21h4.455c-.323 3.812-2.958 7.03-6.495 8.21z\"/>\n </symbol>\n\n <symbol id=\"icon-share\" viewBox=\"0 0 48 48\">\n <path d=\"M31.5 15a1.5 1.5 0 0 0-1.5 1.5v24.51H3V16.5a1.5 1.5 0 1 0-3 0v26A1.5 1.5 0 0 0 1.5 44h30a1.5 1.5 0 0 0 1.5-1.5v-26a1.5 1.5 0 0 0-1.5-1.5ZM11.59 8.56l3.44-3.44v26.39a1.5 1.5 0 1 0 3 0V5.12l3.44 3.44a1.5 1.5 0 0 0 2.12-2.12l-6-6a1.5 1.5 0 0 0-2.12 0l-6 6a1.5 1.5 0 0 0 2.12 2.12Z\"/>\n </symbol>\n\n <symbol id=\"icon-upload\" viewBox=\"0 0 24.01 23.99\">\n <path d=\"M12 0a12 12 0 1 0 12 12A12 12 0 0 0 12 0Zm0 22a10 10 0 1 1 10-10 10 10 0 0 1-9.98 10Zm.74-15.72a1 1 0 0 0-1.42 0l-5 5a1.004 1.004 0 0 0 1.42 1.42l3.3-3.3V17a1 1 0 0 0 2 0V9.41l3.3 3.3a1 1 0 0 0 1.4-1.42Z\"/>\n </symbol>\n\n <symbol id=\"icon-help\" viewBox=\"0 0 24 24\">\n <circle cx=\"11.992\" cy=\"17.423\" r=\".974\"/>\n <path d=\"M12 15.142a.826.826 0 0 1-.825-.825v-1.239c0-.887.575-1.653 1.43-1.904a2.146 2.146 0 0 0 1.53-2.047c0-1.138-.997-2.135-2.135-2.135a2.137 2.137 0 0 0-2.134 2.134.826.826 0 0 1-1.65 0A3.788 3.788 0 0 1 12 5.342c2.052 0 3.785 1.733 3.785 3.785a3.804 3.804 0 0 1-2.714 3.63.335.335 0 0 0-.245.321v1.239a.826.826 0 0 1-.826.825z\"/>\n <path d=\"M12.001 1.014C5.926 1.014 1 5.937 1 12.008 1 18.081 5.926 23 12.001 23 18.075 23 23 18.081 23 12.008c0-6.071-4.925-10.994-10.999-10.994zm.014 20.16c-5.057 0-9.159-4.102-9.159-9.166 0-5.063 4.101-9.167 9.159-9.167 5.057 0 9.158 4.104 9.158 9.167 0 5.064-4.101 9.166-9.158 9.166z\"/>\n </symbol>\n\n <symbol id=\"icon-alert\" viewBox=\"0 0 24 24\">\n <path d=\"M12 2.85c.197 0 .393.1.5.3l8.876 16.46a.568.568 0 0 1-.5.838H3.124a.568.568 0 0 1-.5-.838L11.5 3.15a.56.56 0 0 1 .5-.3m0-1.552a2.12 2.12 0 0 0-1.867 1.114l-8.876 16.46c-.358.664-.34 1.446.046 2.094S2.37 22 3.123 22h17.754a2.1 2.1 0 0 0 1.82-1.034c.387-.647.404-1.43.047-2.094l-8.877-16.46A2.117 2.117 0 0 0 12 1.298z\"/>\n <path d=\"M12.862 14.46V7.733a.862.862 0 0 0-1.724 0v6.726a.862.862 0 0 0 1.724 0z\"/>\n <circle cx=\"12\" cy=\"18.083\" r=\".866\"/>\n </symbol>\n\n <symbol id=\"icon-up\" viewBox=\"0 0 24 24\">\n <path d=\"M12.766 22.252V3.556l8.223 8.223a.754.754 0 0 0 1.06-.04.747.747 0 0 0 0-1.023l-9.504-9.5a.753.753 0 0 0-1.062 0l-9.5 9.5a.755.755 0 0 0-.038 1.062c.28.302.76.318 1.062.038.01-.01.028-.022.04-.04l8.217-8.222v18.696a.75.75 0 0 0 1.5 0z\"/>\n </symbol>\n\n <!-- old icons that don't exist in brandfolder (new ids) -->\n\n <symbol id=\"icon-folder\" viewBox=\"-42.5 56.5 26 26\">\n <path d=\"M-18.265 79.02c-.137.896-.95 1.605-1.816 1.605h-18.84c-.868 0-1.68-.71-1.818-1.605l-1.733-9.24c-.185-1.164.514-2.134 1.563-2.134h22.81c1.052 0 1.75.97 1.568 2.135l-1.735 9.24zm-22.332-15.082V60.23c0-1.023.83-1.855 1.854-1.855h5.563c1.022 0 1.854.83 1.854 1.854H-20.2c1.022 0 1.853.83 1.853 1.854v1.854h-22.25z\"/>\n </symbol>\n\n <symbol id=\"icon-settings\" viewBox=\"-42.5 57.5 26 26\">\n <path d=\"M-17.468 72.815l-2.26.466a.712.712 0 0 0-.52.475c-.135.41-.298.81-.488 1.198a.707.707 0 0 0 .038.703l1.293 1.973a1.226 1.226 0 0 1-.152 1.535l-1.41 1.43a1.198 1.198 0 0 1-1.523.153l-1.947-1.31a.69.69 0 0 0-.696-.036c-.385.188-.78.355-1.186.493a.708.708 0 0 0-.466.525l-.464 2.104c-.11.567-.607.976-1.18.976h-2a1.212 1.212 0 0 1-1.182-.976l-.462-2.104a.707.707 0 0 0-.474-.525 10.947 10.947 0 0 1-1.18-.493.693.693 0 0 0-.697.036l-1.946 1.31a1.2 1.2 0 0 1-1.523-.152l-1.413-1.43a1.23 1.23 0 0 1-.15-1.537l1.296-1.974a.71.71 0 0 0 .035-.703c-.19-.388-.353-.787-.492-1.198a.704.704 0 0 0-.518-.474l-2.4-.465a1.21 1.21 0 0 1-.966-1.195V69.6c0-.578.4-1.08.963-1.196l2.402-.466a.71.71 0 0 0 .52-.48c.137-.407.302-.808.49-1.188a.716.716 0 0 0-.035-.707l-1.297-1.97a1.236 1.236 0 0 1 .15-1.538l1.414-1.428a1.192 1.192 0 0 1 1.522-.152l1.945 1.31a.71.71 0 0 0 .702.034c.38-.192.774-.358 1.184-.497a.696.696 0 0 0 .466-.525l.462-2.318c.112-.57.61-.98 1.182-.98h2c.572 0 1.07.41 1.18.98l.464 2.317c.05.25.234.448.472.527.408.14.8.305 1.18.494.222.11.492.102.697-.035l1.947-1.31a1.193 1.193 0 0 1 1.522.153l1.41 1.428c.408.408.472 1.055.153 1.537l-1.34 2.035a.58.58 0 0 0-.027.572c.214.43.4.88.55 1.338a.566.566 0 0 0 .422.385l2.328.483c.576.037.97.618.97 1.197l.002 2.02c0 .58-.406 1.08-.968 1.195zM-29.5 64.94a5.56 5.56 0 0 0-5.555 5.56c0 3.075 2.49 5.568 5.555 5.568a5.56 5.56 0 0 0 5.556-5.568 5.56 5.56 0 0 0-5.556-5.56z\"/>\n </symbol>\n\n <symbol id=\"icon-info-fill\" viewBox=\"-42.5 57.5 26 26\">\n <path d=\"M-29.5 83.487c-7.18 0-13-5.817-13-12.993 0-7.177 5.82-12.994 13-12.994s13 5.817 13 12.994c0 7.176-5.82 12.993-13 12.993zm1.855-20.42h-3.714v3.714h3.715v-3.714zm0 5.57h-3.714v9.285h3.715v-9.284z\"/>\n </symbol>\n\n <symbol id=\"icon-calendar\" viewBox=\"0 0 16 17\">\n <path fill-rule=\"evenodd\" clip-rule=\"evenodd\" d=\"M14 2h-1V1a1 1 0 1 0-2 0v1H5V1a1 1 0 0 0-2 0v1H2a2 2 0 0 0-2 2v11a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2V4a2 2 0 0 0-2-2zm0 13H2V4h12v11zM8 8v5l2.012.008v-7.01H8.166l-2.18.567.438 1.72L8 8z\"/>\n </symbol>\n\n <symbol id=\"icon-twitter\" viewBox=\"0 0 25 25\">\n <path fill-rule=\"evenodd\" clip-rule=\"evenodd\" d=\"M12.5.926C6.108.926.926 6.108.926 12.5S6.108 24.074 12.5 24.074c6.392 0 11.574-5.182 11.574-11.574S18.892.926 12.5.926zm0 21.433c-5.445 0-9.86-4.415-9.86-9.86s4.415-9.86 9.86-9.86c5.445 0 9.86 4.415 9.86 9.86s-4.415 9.86-9.86 9.86zm5.693-13.853a5.128 5.128 0 0 1-1.57.567 2.54 2.54 0 0 0-1.806-.738c-1.366 0-2.473 1.046-2.473 2.337 0 .183.022.36.064.533-2.055-.097-3.878-1.028-5.098-2.44a2.228 2.228 0 0 0-.334 1.173c0 .81.437 1.525 1.1 1.944a2.57 2.57 0 0 1-1.12-.292v.03c0 1.13.853 2.075 1.984 2.29a2.635 2.635 0 0 1-1.117.04c.315.928 1.228 1.604 2.31 1.623-.846.627-1.913 1-3.072 1-.2 0-.395-.01-.59-.033a7.3 7.3 0 0 0 3.792 1.05c4.55 0 7.037-3.56 7.037-6.648 0-.1-.003-.202-.008-.302.483-.33.903-.74 1.234-1.21a5.18 5.18 0 0 1-1.42.368 2.37 2.37 0 0 0 1.087-1.293z\"/>\n </symbol>\n\n <symbol id=\"icon-facebook\" viewBox=\"0 0 25 25\">\n <path fill-rule=\"evenodd\" clip-rule=\"evenodd\" d=\"M12.5.926C6.108.926.926 6.108.926 12.5S6.108 24.074 12.5 24.074 24.074 18.892 24.074 12.5 18.892.926 12.5.926zm0 21.433c-5.445 0-9.86-4.415-9.86-9.86s4.415-9.86 9.86-9.86 9.86 4.415 9.86 9.86-4.415 9.86-9.86 9.86zm.6-12.385c0-.5.11-.802.806-.802.642 0 1.23.005 1.23.005l.045-1.696s-.576-.07-1.356-.07c-1.927 0-2.763 1.12-2.763 2.338v1.55H9.647v1.817h1.416v4.478H13.1v-4.478h2l.09-1.816H13.1V9.976z\"/>\n </symbol>\n\n <symbol id=\"icon-google-plus\" viewBox=\"0 0 25 25\">\n <path fill-rule=\"evenodd\" d=\"M12.5.926C6.108.926.926 6.108.926 12.5S6.108 24.074 12.5 24.074c6.392 0 11.574-5.182 11.574-11.574S18.892.926 12.5.926zm0 21.433c-5.445 0-9.86-4.415-9.86-9.86s4.415-9.86 9.86-9.86 9.86 4.415 9.86 9.86-4.415 9.86-9.86 9.86z\" clip-rule=\"evenodd\"/>\n <path fill-rule=\"evenodd\" d=\"M14.958 7.396h-3.68c-1.686 0-3.163 1.366-3.163 2.923 0 1.64 1.05 2.793 2.56 2.82-.036.137-.054.27-.054.402 0 .266.075.473.18.645h-.052c-2 0-3.342 1.508-3.342 2.917 0 1.355 1.515 2.34 3.604 2.34 2.253 0 3.6-1.432 3.6-2.815 0-1.166-.294-1.742-1.31-2.57l-.068-.054c-.63-.51-.764-.716-.764-.8 0-.263.02-.387.542-.83.664-.563 1.014-1.258 1.014-2.01 0-.66-.183-1.248-.51-1.676h.308l1.136-1.294zm-5.175 2.87c-.075-.616.056-1.185.35-1.52a.83.83 0 0 1 .636-.302v-.247l.028.248c.696.023 1.346.903 1.48 2.004.074.614-.027 1.114-.282 1.406-.156.178-.363.268-.65.268h-.004c-.764-.025-1.434-.823-1.56-1.857zm3.328 6.194c.024.106.035.21.035.314 0 1.064-.72 1.604-2.143 1.604-1.08 0-1.924-.728-1.924-1.657 0-.87.958-1.634 2.05-1.634v-.248l.028.248c.255.003.503.046.672.093l.29.215c.522.38.896.656.993 1.065zm4.896-7.336v-1.57h-1.214v1.57h-1.447v1.28h1.447v1.57h1.214v-1.57h1.447v-1.28h-1.447z\" clip-rule=\"evenodd\"/>\n </symbol>\n\n <symbol id=\"icon-phone\" viewBox=\"0 0 26 26\">\n <path d=\"M18.278 25.5H6.722c-1.225 0-2.222-1.02-2.222-2.273V2.773C4.5 1.52 5.497.5 6.722.5h11.556C19.503.5 20.5 1.52 20.5 2.773v20.455c0 1.252-.997 2.272-2.222 2.272zM6.722 1.41c-.735 0-1.333.61-1.333 1.363v20.455c0 .752.597 1.364 1.332 1.364h11.556c.735 0 1.333-.612 1.333-1.364V2.773c0-.752-.597-1.364-1.332-1.364H6.722z\"/>\n <path d=\"M17.39 20.045H7.61l-.443-.455V5.045l.444-.455h9.78l.443.455V19.59l-.444.455zm-9.334-.91h8.89V5.5h-8.89v13.636z\"/>\n <path fill-rule=\"evenodd\" clip-rule=\"evenodd\" d=\"M13.39 22.318c0 .502-.4.91-.89.91s-.89-.408-.89-.91.4-.91.89-.91.89.408.89.91z\"/>\n </symbol>\n\n <symbol id=\"ookla-logo\" viewBox=\"0 0 71 30\">\n <path d=\"M45.987 22.642 35.044 11.698v1.932l9.012 9.012zm-2.749 0-8.194-8.194v1.954l6.24 6.24zm-2.796 0-5.398-5.398v1.93l3.468 3.468zM45.75 8.47V6.54l-7.556 7.555.965.965zM48.518 1l-11.71 11.71.965.964L48.518 2.93zm-2.773 0L35.42 11.323l.966.965 9.36-9.357zM13.734 15.552c0-3.103-2.103-5.645-5.347-5.645-3.243 0-5.344 2.543-5.344 5.645 0 3.104 2.1 5.647 5.344 5.647 3.245 0 5.347-2.544 5.347-5.648M1 15.552c0-4.204 3.063-7.448 7.387-7.448 4.325 0 7.39 3.243 7.39 7.448S12.71 23 8.386 23 1 19.757 1 15.552m28.358 0c0-3.103-2.103-5.645-5.346-5.645s-5.346 2.543-5.346 5.645c0 3.104 2.103 5.647 5.346 5.647 3.244 0 5.346-2.544 5.346-5.648m-12.734 0c0-4.204 3.063-7.448 7.39-7.448 4.324 0 7.387 3.243 7.387 7.448S28.34 23 24.014 23s-7.39-3.243-7.39-7.448m29.968-7.088h1.922v12.374h7.057v1.802h-8.978zm16.548 2.483h-.04L58.333 22.64h-2.16L62.14 8.464h2.082l5.84 14.176h-2.16zM32.437 8.465h1.946v14.177h-1.946zm36.949-.005c.16 0 .318.042.47.125.155.083.274.2.36.355a.97.97 0 0 1 0 .958.963.963 0 0 1-1.665 0 .963.963 0 0 1 .362-1.313c.156-.082.313-.124.474-.124zm0 .16a.82.82 0 0 0-.394.105.797.797 0 0 0-.3 1.095.805.805 0 0 0 1.093.296.752.752 0 0 0 .295-.295.81.81 0 0 0-.003-.8.74.74 0 0 0-.3-.295.79.79 0 0 0-.39-.104zm-.42 1.332V8.92h.354c.12 0 .21.008.263.028a.268.268 0 0 1 .178.252.28.28 0 0 1-.08.197.32.32 0 0 1-.215.094.323.323 0 0 1 .088.056c.042.04.093.11.152.205l.126.203h-.203l-.09-.163c-.073-.128-.13-.208-.175-.24-.03-.024-.075-.035-.134-.035h-.098v.438h-.165zm.166-.582h.203c.096 0 .163-.015.197-.043a.142.142 0 0 0 .053-.115c0-.03-.01-.058-.026-.082a.15.15 0 0 0-.07-.053.522.522 0 0 0-.168-.018h-.19v.31z\"/>\n </symbol>\n\n <symbol id=\"icon-circle\" viewBox=\"0 0 25 25\">\n <circle cx=\"12\" cy=\"12\" r=\"12\"/>\n </symbol>\n\n <symbol id=\"icon-email-circle\" viewBox=\"0 0 25 25\">\n <path d=\"M12.5.926C6.108.926.926 6.108.926 12.5c0 6.393 5.182 11.574 11.574 11.574 6.393 0 11.574-5.182 11.574-11.574C24.074 6.108 18.894.926 12.5.926zm0 21.433c-5.445 0-9.86-4.415-9.86-9.86 0-5.445 4.415-9.86 9.86-9.86 5.445 0 9.86 4.415 9.86 9.86 0 5.445-4.415 9.86-9.86 9.86z\"/>\n <path d=\"M12.5 13.88 6.062 9.87v6.294c0 .643.54 1.164 1.207 1.164h10.46c.668 0 1.207-.52 1.207-1.164V9.87L12.5 13.88zM7.27 7.672c-.624 0-1.137.455-1.2 1.04a.86.86 0 0 0-.008.124l6.438 4.01 6.438-4.01a1.08 1.08 0 0 0-.007-.13c-.065-.582-.577-1.034-1.2-1.034H7.27z\"/>\n </symbol>\n\n <symbol id=\"icon-linkedin-circle\" viewBox=\"0 0 25 25\">\n <path d=\"M12.5.926C6.108.926.926 6.108.926 12.5c0 6.393 5.182 11.574 11.574 11.574 6.393 0 11.574-5.182 11.574-11.574C24.074 6.108 18.894.926 12.5.926zm0 21.433c-5.445 0-9.86-4.415-9.86-9.86 0-5.445 4.415-9.86 9.86-9.86 5.445 0 9.86 4.415 9.86 9.86 0 5.445-4.415 9.86-9.86 9.86z\"/>\n <path d=\"M9.627 10.1H7.03v7.82h2.597V10.1zm-1.3-1.068c.908 0 1.47-.6 1.47-1.35-.015-.768-.562-1.352-1.452-1.352-.89 0-1.47.584-1.47 1.352 0 .75.563 1.35 1.437 1.35h.016zm2.739 8.888h2.6v-4.367c0-.233.016-.467.086-.634.187-.468.615-.952 1.332-.952.94 0 1.316.717 1.316 1.768v4.184H19v-4.483c0-2.403-1.282-3.52-2.992-3.52-1.402 0-2.018.784-2.358 1.316h.017V10.1h-2.6c.034.733 0 7.82 0 7.82\"/>\n </symbol>\n\n <symbol id=\"icon-dropbox-circle\" viewBox=\"0 0 25 25\">\n <path d=\"M12.5.926C6.108.926.926 6.108.926 12.5c0 6.393 5.182 11.574 11.574 11.574 6.393 0 11.574-5.182 11.574-11.574C24.074 6.108 18.894.926 12.5.926zm0 21.433c-5.445 0-9.86-4.415-9.86-9.86 0-5.445 4.415-9.86 9.86-9.86 5.445 0 9.86 4.415 9.86 9.86 0 5.445-4.415 9.86-9.86 9.86z\"/>\n <path d=\"M9.592 6.203L5.328 8.86l2.92 2.45 4.25-2.762-2.906-2.345zm5.486 11.275a.328.328 0 0 1-.212-.077L12.5 15.44 10.134 17.4a.336.336 0 0 1-.395.024l-1.754-1.146v.677l4.514 2.842 4.514-2.844v-.676l-1.753 1.146a.333.333 0 0 1-.182.055zm4.594-8.62l-4.265-2.655L12.5 8.55l4.25 2.76 2.922-2.45zM12.5 13.966l2.635 2.188 4.216-2.756-2.6-2.087-4.25 2.655zM9.866 16.15l2.634-2.186-4.25-2.656-2.6 2.087 4.216 2.756z\"/>\n </symbol>\n\n <symbol id=\"icon-yahoo-circle\" viewBox=\"0 0 25 25\">\n <path d=\"M12.5.926C6.108.926.926 6.108.926 12.5c0 6.393 5.182 11.574 11.574 11.574 6.393 0 11.574-5.182 11.574-11.574C24.074 6.108 18.894.926 12.5.926zm0 21.433c-5.445 0-9.86-4.415-9.86-9.86 0-5.445 4.415-9.86 9.86-9.86 5.445 0 9.86 4.415 9.86 9.86 0 5.445-4.415 9.86-9.86 9.86zm6.95-11.277H17.3l-3.412 3.412v2.15h2.78V18.5H9.253v-1.854h2.78v-2.15L6.77 9.23H5.55V7.374h5.552V9.23h-1.22l3.08 3.078.926-.927V9.23h5.562v1.853z\"/>\n </symbol>\n\n <symbol id=\"icon-evernote-circle\" viewBox=\"0 0 25 25\">\n <path d=\"M12.5.926C6.108.926.926 6.108.926 12.5c0 6.393 5.182 11.574 11.574 11.574 6.393 0 11.574-5.182 11.574-11.574C24.074 6.108 18.894.926 12.5.926zm0 21.433c-5.445 0-9.86-4.415-9.86-9.86 0-5.445 4.415-9.86 9.86-9.86 5.445 0 9.86 4.415 9.86 9.86 0 5.445-4.415 9.86-9.86 9.86zm5.244-14.235c0-.884-1.332-.982-1.332-.982l-3.126-.197s-.067-.85-.7-1.146c-.63-.295-1.326-.205-1.825-.2s-.617.643-.617 1.244.012 1.292.012 1.73c0 .78-.344 1.113-1.204 1.113H7.18c-.496-.033-.883.05-.883.45S6.88 13.96 7.68 14.75c.465.456 3.31.778 3.907.778.6 0 .4-1.77.567-1.77.165 0 .35 1 1.292 1.232.943.236 2.2.19 2.27.863.087.887.166 2.03-.417 2.113l-1.32.054c-.904-.066-.662-1.053-.263-1.053.398 0 .598-.018.598-.018l.05-1.08s-2.07-.245-2.157 1.15c-.08 1.278.14 1.88.3 2.01.16.132.44.388 2.975.388 3.57 0 2.26-10.41 2.26-11.293zm-1.46 4.622c-.138.15-.645-.247-1.13-.247-.486 0-1.01.258-1.132.09-.122-.17.113-1.532 1.025-1.532.916 0 1.38 1.54 1.238 1.69zm-7.407-4.73c0-.175.045-2.294.045-2.294L6.228 8.366h2.227c.366 0 .422-.175.422-.35z\"/>\n </symbol>\n\n <symbol id=\"icon-link-circle\" viewBox=\"0 0 25 25\">\n <path d=\"M12.5.926C6.108.926.926 6.108.926 12.5c0 6.393 5.182 11.574 11.574 11.574 6.393 0 11.574-5.182 11.574-11.574C24.074 6.108 18.894.926 12.5.926zm0 21.433c-5.445 0-9.86-4.415-9.86-9.86 0-5.445 4.415-9.86 9.86-9.86 5.445 0 9.86 4.415 9.86 9.86 0 5.445-4.415 9.86-9.86 9.86zm.6-10.52c-.08-.12-.22-.22-.42-.3l1.2-1.2.42.36c.4.4.66.9.78 1.498.238.843.14 1.662-.3 2.462-.162.28-.32.5-.48.658l-2.22 2.223c-.64.638-1.42.96-2.34.96-.92 0-1.702-.322-2.34-.96a3.237 3.237 0 0 1-.9-2.28c0-.92.3-1.7.9-2.34l1.38-1.32c0 .52.04.98.12 1.38l.18.602-.48.48c-.32.32-.48.697-.48 1.14 0 .48.16.88.48 1.198.32.32.7.48 1.14.48.44 0 .82-.16 1.14-.48l2.222-2.22c.2-.2.34-.46.42-.78.04-.08.06-.22.06-.42a1.564 1.564 0 0 0-.48-1.14m4.44-4.44c.636.64.958 1.42.958 2.34 0 .92-.322 1.7-.96 2.34l-1.378 1.32c.037-.52 0-.98-.12-1.38l-.123-.66.48-.48c.32-.32.478-.698.478-1.14 0-.44-.158-.82-.48-1.14-.318-.322-.717-.48-1.197-.48-.44 0-.82.16-1.14.48l-2.22 2.22a2 2 0 0 0-.36.72c-.08.16-.12.3-.12.418 0 .48.158.86.48 1.143.118.12.258.22.42.3v.06l-1.14 1.142-.42-.302c-.4-.44-.68-.94-.84-1.498-.24-.882-.122-1.7.36-2.46.16-.282.32-.502.478-.663l2.22-2.28c.643-.6 1.422-.9 2.342-.9.88 0 1.64.3 2.28.9\"/>\n </symbol>\n\n <symbol id=\"icon-more\" viewBox=\"0 0 25 25\">\n <path d=\"M12.5.9C6.1.9.9 6.1.9 12.5s5.2 11.6 11.6 11.6 11.6-5.2 11.6-11.6S18.9.9 12.5.9zm0 21.5c-5.4 0-9.9-4.4-9.9-9.9S7 2.6 12.5 2.6s9.9 4.4 9.9 9.9-4.5 9.9-9.9 9.9z\"/>\n <circle cx=\"12.5\" cy=\"12.5\" r=\"1.9\"/>\n <circle cx=\"6.4\" cy=\"12.5\" r=\"1.9\"/>\n <circle cx=\"18.5\" cy=\"12.5\" r=\"1.9\"/>\n </symbol>\n\n <symbol id=\"icon-twitter-x\" viewBox=\"0 0 21 21\">\n <path d=\"m12.046 8.728.008-.02.01-.015L19.406.33a1.72 1.72 0 0 0 .04-.052c.002-.003.004-.006.004-.009 0-.003-.003-.005-.009-.017h-.096c-.503 0-1.006.003-1.509-.002a.246.246 0 0 0-.208.094c-1.485 1.695-2.973 3.388-4.46 5.082l-1.836 2.09-.077.083-.063-.087L6.164.338A.18.18 0 0 0 5.996.25c-1.487.003-2.974.002-4.46.002H.272C.24.252.208.255.16.257c2.604 3.713 5.196 7.41 7.79 11.112-2.595 2.958-5.186 5.909-7.789 8.874.049.003.076.005.103.005.521 0 1.043 0 1.565.002.066 0 .11-.022.152-.07.975-1.114 1.952-2.227 2.929-3.34l3.763-4.288c.018-.02.038-.039.06-.061.024.032.043.056.061.082l2.22 3.165 3.105 4.433c.038.054.075.08.144.079 1.915-.002 3.829-.002 5.743-.002.03 0 .06-.003.11-.005l-8.07-11.515Zm5.596 10.28c-.858 0-1.716 0-2.574.002-.063 0-.088-.035-.118-.076l-1.17-1.643-4.495-6.303-4.019-5.633-2.64-3.7-.07-.101h.117c.83 0 1.66 0 2.489-.002.07 0 .113.021.154.08C6.482 3.27 7.65 4.906 8.819 6.545l4.751 6.663 4.058 5.687.07.101c-.024.005-.04.012-.056.012Z\"/>\n </symbol>\n\n <symbol id=\"icon-facebook-no-circle\" viewBox=\"0 0 22 21\">\n <path d=\"M9.257 19.688V11.55H6.514V8.387h2.743V6.051c0-2.126 1.312-4.174 3.425-4.174.943 0 2.274.034 3.085.118v2.822h-1.68a1.411 1.411 0 0 0-1.557.927c-.05.203-.07.413-.057.622v2.021h3.136l-.354 3.163h-2.783v8.138H9.258Z\"/>\n </symbol>\n\n <symbol id=\"ic_new-window\" viewBox=\"0 0 20 25\">\n <path d=\"M9.521 1a.825.825 0 0 1 .084 1.646l-.084.004H3.733c-.565 0-1.029.432-1.078.984l-.005.099v16.534c0 .565.432 1.029.984 1.078l.099.004h16.534c.565 0 1.029-.432 1.078-.984l.004-.099v-5.803a.825.825 0 0 1 1.646-.084l.005.085v5.803a2.732 2.732 0 0 1-2.596 2.729l-.137.004H3.733a2.732 2.732 0 0 1-2.729-2.596L1 20.267V3.733a2.732 2.732 0 0 1 2.596-2.729L3.733 1h5.788zm12.654 0c.094 0 .185.016.269.045l.022.008a.823.823 0 0 1 .305.202l.027.03a.912.912 0 0 1 .054.069l.024.037c.015.025.03.051.043.078l.016.036a.991.991 0 0 1 .03.082l.013.05a.619.619 0 0 1 .015.086l.002.018.005.084v8.25a.825.825 0 0 1-1.646.084l-.004-.084-.001-6.258-7.734 7.735a.826.826 0 0 1-1.227-1.1l.06-.067 7.736-7.738-6.259.003a.825.825 0 0 1-.084-1.646L13.925 1h8.25z\"/>\n </symbol>\n\n <symbol id=\"icon-pinterest\" viewBox=\"0 0 25 25.001\">\n <path d=\"M12.5 0C5.598 0 0 5.597 0 12.5c0 5.12 3.078 9.516 7.483 11.45-.035-.874-.006-1.922.217-2.87l1.608-6.813s-.4-.797-.4-1.977c0-1.85 1.076-3.235 2.413-3.235 1.137 0 1.686.853 1.686 1.875 0 1.143-.73 2.853-1.104 4.436-.313 1.326.666 2.407 1.97 2.407 2.37 0 3.965-3.04 3.965-6.646 0-2.74-1.844-4.79-5.2-4.79-3.793 0-6.155 2.827-6.155 5.985 0 1.09.32 1.858.824 2.453.232.273.264.382.18.696-.06.232-.197.785-.255 1.004-.082.318-.338.43-.624.313-1.747-.712-2.56-2.625-2.56-4.775 0-3.55 2.994-7.81 8.935-7.81 4.773 0 7.915 3.455 7.915 7.163 0 4.903-2.728 8.566-6.746 8.566-1.35 0-2.62-.728-3.054-1.556 0 0-.727 2.88-.88 3.436-.265.963-.784 1.927-1.258 2.678 1.124.33 2.31.512 3.542.512C19.403 25 25 19.404 25 12.5 25 5.596 19.403 0 12.5 0\"/>\n </symbol>\n\n <symbol id=\"icon-lock\" viewBox=\"0 0 24 24\">\n <path d=\"M6.5 10.9A1.1 1.1 0 0 0 5.4 12v7.7a1.1 1.1 0 0 0 1.1 1.1h11a1.1 1.1 0 0 0 1.1-1.1V12a1.1 1.1 0 0 0-1.1-1.1h-11zm2.2-2.2h6.6V6.5c0-2.194-1.22-3.3-3.3-3.3S8.7 4.306 8.7 6.5v2.2zm8.8 0a3.3 3.3 0 0 1 3.3 3.3v7.7a3.3 3.3 0 0 1-3.3 3.3h-11a3.3 3.3 0 0 1-3.3-3.3V12a3.3 3.3 0 0 1 3.3-3.3V6.5C6.5 3.038 8.755 1 12 1s5.5 2.038 5.5 5.5v2.2z\"/>\n </symbol>\n\n <symbol id=\"ic_account-line\" viewBox=\"0 0 24 24\">\n <path d=\"M22.27 22.385a.73.73 0 0 1-.733-.727v-.483c0-1.337-.83-2.536-2.062-2.976-1.518-.545-4.037-1.194-7.475-1.194s-5.957.65-7.47 1.19c-1.23.44-2.06 1.638-2.06 2.975v.48a.735.735 0 0 1-1.47.004v-.48c0-1.957 1.22-3.706 3.036-4.355 1.622-.584 4.317-1.277 7.964-1.277s6.34.693 7.964 1.276C21.78 17.47 23 19.22 23 21.174v.48c0 .4-.33.73-.73.73zM12 3.085c2.425 0 4.4 1.975 4.4 4.4s-1.974 4.4-4.4 4.4-4.4-1.973-4.4-4.4 1.975-4.4 4.4-4.4m0-1.468a5.87 5.87 0 0 0 0 11.737 5.87 5.87 0 0 0 0-11.74v.003z\"/>\n </symbol>\n\n <symbol id=\"ic_arrow-down\" height=\"16\" viewBox=\"0 0 16 16\" width=\"16\" xmlns=\"http://www.w3.org/2000/svg\">\n <path fill-rule=\"evenodd\" d=\"m4 4.666 4 4 4-4 1.333 1.333L8 11.333 2.667 5.999z\" clip-rule=\"evenodd\"/>\n </symbol>\n\n <symbol id=\"ic_checkcircle\" viewBox=\"0 0 24 24\">\n <path d=\"M6.497 12.47c0-.24.095-.487.28-.67a.956.956 0 0 1 1.344 0l1.864 1.846 5.027-5.01a.957.957 0 0 1 1.347 0 .94.94 0 0 1 .01 1.328l-.01.01-5.703 5.682a.955.955 0 0 1-1.345 0L6.77 13.14a.99.99 0 0 1-.273-.67z\"/>\n <path d=\"M12 1.006C5.923 1.006 1 5.928 1 12s4.927 10.994 11 10.994c6.077 0 11-4.922 11-10.994S18.077 1.006 12 1.006zm.017 20.163C6.96 21.17 2.86 17.066 2.86 12c0-5.06 4.1-9.17 9.157-9.17s9.158 4.103 9.158 9.17-4.102 9.17-9.158 9.17z\"/>\n </symbol>\n\n <symbol id=\"ic_settingsalt\" viewBox=\"0 0 24 24\">\n <path d=\"m21.783 14.12-1.354-1.2a7.011 7.011 0 0 0 0-1.849l1.353-1.193a1.94 1.94 0 0 0 .39-2.42l-1.116-1.91a1.964 1.964 0 0 0-2.3-.87l-1.722.562a8.716 8.716 0 0 0-1.634-.936l-.368-1.755c-.188-.9-.99-1.55-1.916-1.55h-2.23c-.917 0-1.72.65-1.913 1.546l-.37 1.756a8.53 8.53 0 0 0-1.633.935L5.247 4.66a1.97 1.97 0 0 0-2.3.868L1.83 7.438a1.94 1.94 0 0 0 .39 2.42l1.35 1.195a7.1 7.1 0 0 0-.002 1.865l-1.353 1.2a1.94 1.94 0 0 0-.39 2.42l1.122 1.916a1.964 1.964 0 0 0 2.3.87l1.728-.562c.506.37 1.05.682 1.634.93l.368 1.76c.187.9.99 1.548 1.915 1.548h2.23c.918 0 1.72-.65 1.914-1.546l.37-1.76a8.583 8.583 0 0 0 1.633-.936l1.722.56a1.972 1.972 0 0 0 2.3-.868l1.117-1.91a1.95 1.95 0 0 0-.397-2.42zm-.726 1.765-1.117 1.91a.667.667 0 0 1-.78.29l-2.384-.775-.275.22a7.35 7.35 0 0 1-1.903 1.09l-.33.127-.512 2.443a.66.66 0 0 1-.644.517h-2.228a.656.656 0 0 1-.644-.517l-.512-2.438-.33-.127a7.237 7.237 0 0 1-1.904-1.084l-.27-.214-2.382.777a.67.67 0 0 1-.78-.292L2.94 15.903a.64.64 0 0 1 .132-.803l1.876-1.663-.055-.347c-.066-.413-.093-.76-.093-1.09s.028-.677.094-1.09l.055-.352-1.876-1.656a.64.64 0 0 1-.132-.803l1.123-1.916a.667.667 0 0 1 .78-.292l2.378.776.275-.22a7.17 7.17 0 0 1 1.904-1.084l.33-.127.512-2.432a.66.66 0 0 1 .644-.517h2.23a.65.65 0 0 1 .643.517l.513 2.438.33.127c.693.27 1.337.633 1.904 1.09l.275.22 2.377-.776c.296-.1.626.028.78.292l1.117 1.91c.154.263.1.6-.132.802L19.05 10.57l.054.347c.06.407.094.754.094 1.084s-.028.672-.094 1.08l-.055.347 1.88 1.662c.226.2.28.53.127.795z\"/>\n <path d=\"M12 15.23c-1.8 0-3.26-1.453-3.26-3.236S10.206 8.758 12 8.758s3.257 1.453 3.257 3.236S13.8 15.23 12 15.23zm0-5.178c-1.085 0-1.965.87-1.965 1.942s.88 1.942 1.964 1.942 1.963-.87 1.963-1.942-.88-1.942-1.964-1.942z\"/>\n </symbol>\n\n <symbol id=\"ic_warning\" viewBox=\"0 0 24 24\">\n <path d=\"M14.534 2.567L22.7 18.9a2.834 2.834 0 0 1-2.534 4.1H3.834A2.834 2.834 0 0 1 1.3 18.9L9.464 2.566a2.834 2.834 0 0 1 5.07 0zm-2.027.253a1.134 1.134 0 0 0-1.52.507L2.82 19.66a1.133 1.133 0 0 0 1.013 1.64h16.332a1.134 1.134 0 0 0 1.014-1.64L13.013 3.326a1.133 1.133 0 0 0-.506-.507zm-.448 12.417h-.12a.956.956 0 0 1-.954-.956V8.37c0-.526.428-.954.955-.954h.12c.527 0 .955.428.955.955v5.912a.956.956 0 0 1-.956.955zm1.074 2.422a1.135 1.135 0 1 1-2.27 0 1.135 1.135 0 0 1 2.27 0z\"/>\n </symbol>\n\n <symbol id=\"ic_multi\" viewBox=\"0 0 24 24\">\n <path d=\"M1.733 3.44h1.955a.733.733 0 0 1 0 1.466H1.734a.733.733 0 0 1 0-1.466zm4.643-.243a.978.978 0 0 1 0 1.956.98.98 0 0 1 0-1.956zm2.934 0a.978.978 0 0 1 0 1.956.978.978 0 0 1 0-1.956zm2.932 0a.978.978 0 0 1 0 1.956.978.978 0 0 1 0-1.956zm2.688.243h2.933a.733.733 0 0 1 0 1.466H14.93a.733.733 0 0 1 0-1.466z\"/>\n <path d=\"m17.433 1.247 2.42 2.42a.734.734 0 0 1-1.037 1.037l-2.42-2.42a.732.732 0 0 1 1.037-1.037z\"/>\n <path d=\"m16.397 6.076 2.42-2.42a.734.734 0 0 1 1.037 1.037l-2.42 2.42a.732.732 0 0 1-1.037-1.037zM1.733 19.082h1.955a.733.733 0 0 1 0 1.466H1.734a.733.733 0 0 1 0-1.466zm4.643-.245a.978.978 0 0 1 0 1.956.978.978 0 0 1-.978-.978c0-.54.44-.978.978-.978zm2.934 0a.978.978 0 0 1 0 1.956.98.98 0 0 1 0-1.956zm2.932 0a.978.978 0 0 1 0 1.956.978.978 0 0 1 0-1.956zm2.688.245h2.933a.733.733 0 0 1 0 1.466H14.93a.733.733 0 0 1 0-1.466z\"/>\n <path d=\"m17.433 16.887 2.42 2.42a.734.734 0 0 1-1.037 1.037l-2.42-2.42a.734.734 0 0 1 1.037-1.037z\"/>\n <path d=\"m16.397 21.716 2.42-2.42a.734.734 0 0 1 1.037 1.037l-2.42 2.42a.732.732 0 0 1-1.037-1.037zM4.666 11.26H6.62a.733.733 0 0 1 0 1.466H4.667a.733.733 0 0 1 0-1.466zm4.644-.243a.978.978 0 0 1 0 1.956.98.98 0 0 1 0-1.956zm2.932 0a.978.978 0 0 1 0 1.956.978.978 0 0 1 0-1.956zm2.932 0a.978.978 0 0 1 0 1.956.98.98 0 0 1 0-1.956zm2.689.243h2.933a.733.733 0 0 1 0 1.466h-2.934a.733.733 0 0 1 0-1.466z\"/>\n <path d=\"m20.366 9.067 2.42 2.42a.734.734 0 0 1-1.037 1.037l-2.42-2.42a.734.734 0 0 1 1.037-1.037z\"/>\n <path d=\"m19.33 13.896 2.418-2.42a.734.734 0 0 1 1.037 1.037l-2.42 2.42a.734.734 0 0 1-1.037-1.037z\"/>\n </symbol>\n\n <symbol id=\"ic_single\" viewBox=\"0 0 24 24\">\n <path d=\"M1.673 11.322H3.02a.673.673 0 0 1 0 1.346H1.673a.673.673 0 0 1 0-1.346zm3.817-.225a.898.898 0 0 1 0 1.796.898.898 0 0 1 0-1.796zm2.692 0a.898.898 0 0 1 0 1.796.898.898 0 0 1 0-1.796zm2.693 0a.898.898 0 0 1 0 1.796.9.9 0 0 1 0-1.796zm2.695 0a.898.898 0 0 1 0 1.796.898.898 0 0 1 0-1.796zm2.692 0a.898.898 0 0 1 0 1.796.898.898 0 0 1 0-1.796zm2.468.225h2.245a.673.673 0 0 1 0 1.346H18.73a.672.672 0 0 1 0-1.346z\"/>\n <path d=\"m20.58 9.306 2.223 2.222a.673.673 0 0 1-.952.952l-2.222-2.222a.673.673 0 0 1 0-.952.675.675 0 0 1 .95 0z\"/>\n <path d=\"m19.63 13.74 2.22-2.22a.673.673 0 0 1 .952.952l-2.22 2.22a.673.673 0 0 1-.952-.952z\"/>\n </symbol>\n\n <symbol id=\"ic_selection\" viewBox=\"0 0 24 24\">\n <path d=\"M7.364 23a1.71 1.71 0 0 1-1.226-.51 1.743 1.743 0 0 1 0-2.46l8.017-8.05-8.022-8.056A1.74 1.74 0 0 1 8.59 1.466l9.272 9.27a1.743 1.743 0 0 1 0 2.46l-9.27 9.27c-.32.336-.766.53-1.228.534z\"/>\n </symbol>\n\n <symbol id=\"ic_info\" viewBox=\"0 0 24 24\">\n <path d=\"M12 1c6.075 0 11 4.925 11 11s-4.925 11-11 11S1 18.075 1 12 5.925 1 12 1zm.014 20.17c5.06 0 9.157-4.1 9.157-9.17 0-5.066-4.096-9.17-9.156-9.17S2.856 6.932 2.856 12a9.164 9.164 0 0 0 9.158 9.17zm.04-3.648h-.11a.927.927 0 0 1-.926-.927v-5.736c0-.513.415-.928.927-.928h.115c.512 0 .927.415.927.927v5.735a.927.927 0 0 1-.925.928h-.007zm1.046-9.94a1.1 1.1 0 1 1-2.206 0 1.1 1.1 0 0 1 2.208 0H13.1z\"/>\n </symbol>\n\n <symbol id=\"logo_downdetector_white\" viewBox=\"0 0 185 24\">\n <style>\n .st0{fill:#bf011f}.st1{fill:#fff}\n </style>\n <path class=\"st0\" d=\"M177.05 1.002a6.25 6.25 0 0 1 1.2.203 7.243 7.243 0 0 1 3.324 1.903 7.34 7.34 0 0 1 1.855 3.103c.123.417.228.838.26 1.27.067.892.076 1.785-.182 2.657-.105.357-.2.72-.343 1.06a7.367 7.367 0 0 1-4.816 4.23 6.83 6.83 0 0 1-1.373.25c-.543.038-1.088.038-1.635-.053a8.275 8.275 0 0 1-1.564-.398.347.347 0 0 0-.288.022c-.996.478-1.993.953-2.99 1.427-.046.022-.098.03-.172.05 0-.086-.01-.152 0-.214.08-.492.164-.984.245-1.476.03-.177.056-.355.086-.532.057-.34.11-.683.175-1.023.035-.183-.03-.322-.143-.456-.93-1.098-1.46-2.378-1.642-3.794-.09-.7-.078-1.407.053-2.11.096-.52.228-1.025.418-1.516a7.064 7.064 0 0 1 1.15-1.954 7.413 7.413 0 0 1 1.708-1.524c.512-.33 1.056-.6 1.634-.785.532-.17 1.075-.31 1.64-.333.113-.005 1.303-.01 1.402-.005zm.554 5.387c.02-.407.038-.814.06-1.22.034-.64.072-1.28.105-1.918.007-.143-.034-.195-.17-.228-.05-.013-.104-.017-.157-.022-.7-.064-1.4-.065-2.1 0-.326.03-.354.068-.336.398.092 1.658.182 3.317.27 4.975.02.38.03.76.056 1.14.012.19.046.225.222.25.55.08 1.104.08 1.655.003.2-.028.215-.06.226-.262l.168-3.117zm-.046 5.4c-.018-.327-.025-.547-.043-.766-.014-.178-.057-.224-.225-.253a5.114 5.114 0 0 0-1.81.002c-.16.03-.184.06-.207.22-.08.553-.037 1.103.036 1.653.02.166.073.22.242.242a7.1 7.1 0 0 0 1.674 0c.127-.015.207-.074.222-.212.04-.33.082-.66.11-.884z\" id=\"UzMzh2.tif\"/>\n <path class=\"st1\" d=\"M8.51 21.53c-.31.52-.715.897-1.218 1.126S6.222 23 5.59 23c-.72 0-1.353-.14-1.9-.42a3.808 3.808 0 0 1-1.348-1.134 5.11 5.11 0 0 1-.8-1.647 6.91 6.91 0 0 1-.27-1.936c0-.645.09-1.27.27-1.87a4.87 4.87 0 0 1 .8-1.59c.354-.46.797-.83 1.33-1.108.534-.28 1.155-.42 1.862-.42.57 0 1.113.122 1.628.364.515.242.92.6 1.22 1.07h.036V9.47h2.643V22.76H8.55V21.53H8.51zm-.11-4.755a2.815 2.815 0 0 0-.383-.968 2.157 2.157 0 0 0-.698-.68c-.287-.173-.646-.26-1.08-.26-.434 0-.8.087-1.098.26a2.053 2.053 0 0 0-.716.69c-.18.285-.31.61-.39.976-.082.366-.122.748-.122 1.145 0 .372.043.744.13 1.116.087.372.226.704.42.996a2.3 2.3 0 0 0 .725.707c.29.18.64.27 1.05.27.435 0 .798-.086 1.09-.26.29-.174.524-.406.698-.698a3.1 3.1 0 0 0 .372-.997 5.904 5.904 0 0 0 0-2.298zM13.107 15.863c.236-.626.57-1.16 1.005-1.6a4.49 4.49 0 0 1 1.563-1.023c.608-.242 1.29-.363 2.047-.363.757 0 1.442.12 2.056.363a4.488 4.488 0 0 1 1.572 1.023c.434.44.77.974 1.005 1.6.236.627.354 1.325.354 2.094 0 .77-.12 1.464-.355 2.084-.236.622-.57 1.152-1.005 1.592-.434.44-.958.78-1.572 1.014-.613.236-1.3.354-2.055.354-.757 0-1.44-.118-2.047-.354a4.4 4.4 0 0 1-1.563-1.014c-.434-.44-.77-.97-1.005-1.59-.236-.62-.354-1.316-.354-2.085 0-.77.118-1.467.353-2.094zm2.4 3.22c.075.366.202.695.382.986.18.29.418.523.715.697.298.174.67.26 1.117.26s.822-.086 1.126-.26a2.01 2.01 0 0 0 .726-.698c.18-.292.307-.62.382-.987a5.733 5.733 0 0 0 0-2.26 2.903 2.903 0 0 0-.382-.987 2.122 2.122 0 0 0-.726-.698c-.304-.18-.68-.27-1.126-.27s-.82.09-1.117.27c-.298.18-.537.412-.716.698a2.89 2.89 0 0 0-.382.986 5.733 5.733 0 0 0 0 2.26zM32.703 22.758L30.99 16.3h-.036l-1.638 6.458H26.58l-3.052-9.62h2.79l1.77 6.53h.036l1.6-6.53h2.568l1.638 6.512h.037l1.768-6.513h2.717l-3.033 9.62h-2.717zM42.082 13.137v1.34h.056c.335-.558.77-.964 1.303-1.22a3.77 3.77 0 0 1 1.64-.38c.706 0 1.286.095 1.74.287.452.193.808.46 1.07.8.26.34.442.757.548 1.247.105.49.158 1.034.158 1.63v5.917h-2.643v-5.434c0-.794-.124-1.386-.372-1.777-.247-.39-.688-.586-1.32-.586-.72 0-1.24.214-1.563.642-.323.428-.484 1.132-.484 2.112v5.043H39.57v-9.62h2.512zM57.435 21.53c-.31.52-.716.897-1.22 1.126-.5.23-1.07.344-1.702.344-.72 0-1.352-.14-1.898-.42a3.808 3.808 0 0 1-1.35-1.134 5.11 5.11 0 0 1-.8-1.647 6.91 6.91 0 0 1-.27-1.936c0-.645.09-1.27.27-1.87a4.87 4.87 0 0 1 .8-1.59c.355-.46.798-.83 1.332-1.108.533-.28 1.154-.42 1.86-.42.57 0 1.114.122 1.63.364.514.242.92.6 1.218 1.07h.037V9.47h2.643V22.76h-2.512V21.53h-.038zm-.112-4.755a2.815 2.815 0 0 0-.382-.968 2.157 2.157 0 0 0-.697-.68c-.286-.173-.645-.26-1.08-.26-.433 0-.8.087-1.097.26a2.053 2.053 0 0 0-.716.69c-.18.285-.31.61-.39.976-.082.366-.122.748-.122 1.145 0 .372.043.744.13 1.116.087.372.226.704.42.996a2.3 2.3 0 0 0 .725.707c.29.18.642.27 1.052.27.434 0 .797-.086 1.09-.26.29-.174.523-.406.697-.698a3.1 3.1 0 0 0 .372-.997 5.904 5.904 0 0 0 0-2.298zM64.804 20.45c.397.385.968.577 1.712.577.533 0 .992-.133 1.377-.4.384-.266.62-.55.707-.847h2.326c-.372 1.154-.943 1.98-1.712 2.475-.77.497-1.7.745-2.79.745-.758 0-1.44-.12-2.048-.363a4.255 4.255 0 0 1-1.545-1.033 4.638 4.638 0 0 1-.976-1.6 5.847 5.847 0 0 1-.344-2.048c0-.72.118-1.39.354-2.01.236-.62.57-1.157 1.005-1.61.433-.453.95-.81 1.553-1.07a4.973 4.973 0 0 1 2-.39c.82 0 1.532.157 2.14.474.608.316 1.107.74 1.498 1.275a5.25 5.25 0 0 1 .848 1.824c.174.68.236 1.395.186 2.14h-6.94c.036.855.253 1.476.65 1.86zm2.987-5.062c-.315-.347-.796-.52-1.44-.52-.423 0-.773.07-1.053.213a2.01 2.01 0 0 0-.67.53 1.93 1.93 0 0 0-.354.67 3.03 3.03 0 0 0-.12.634h4.298c-.122-.67-.343-1.178-.66-1.526zM77.943 13.137v1.768h-1.935v4.764c0 .446.075.743.223.892.15.15.448.223.894.223.15 0 .29-.006.428-.02a3.57 3.57 0 0 0 .39-.055v2.047a6.26 6.26 0 0 1-.743.074c-.274.013-.54.02-.8.02-.41 0-.798-.028-1.164-.084a2.733 2.733 0 0 1-.968-.326c-.28-.16-.5-.39-.66-.688-.162-.298-.243-.69-.243-1.173v-5.677h-1.6v-1.768h1.6V10.25h2.643v2.885h1.935zM82.036 20.45c.397.385.968.577 1.712.577.533 0 .992-.133 1.377-.4.384-.266.62-.55.707-.847h2.326c-.372 1.154-.943 1.98-1.712 2.475-.768.497-1.7.745-2.79.745-.758 0-1.44-.12-2.048-.363a4.255 4.255 0 0 1-1.545-1.033 4.638 4.638 0 0 1-.977-1.6 5.847 5.847 0 0 1-.344-2.048c0-.72.118-1.39.354-2.01.236-.62.57-1.157 1.005-1.61.435-.453.953-.81 1.555-1.07a4.973 4.973 0 0 1 2-.39c.82 0 1.532.157 2.14.474.608.316 1.107.74 1.498 1.275a5.25 5.25 0 0 1 .847 1.824c.174.68.236 1.395.186 2.14h-6.94c.036.855.253 1.476.65 1.86zm2.987-5.062c-.316-.347-.797-.52-1.442-.52-.42 0-.77.07-1.05.213a2.01 2.01 0 0 0-.67.53 1.93 1.93 0 0 0-.355.67 3.03 3.03 0 0 0-.12.634h4.298c-.123-.67-.343-1.178-.66-1.526zM94.486 14.867c-.422 0-.776.096-1.06.29-.287.192-.52.44-.7.743-.18.304-.306.64-.38 1.005s-.112.73-.112 1.09c0 .346.037.7.112 1.06.074.36.195.686.363.977.166.292.393.53.678.717.285.185.633.278 1.042.278.633 0 1.12-.177 1.46-.53.342-.354.556-.828.643-1.424h2.55c-.174 1.278-.67 2.252-1.49 2.922-.818.67-1.866 1.004-3.144 1.004-.72 0-1.38-.12-1.983-.363a4.387 4.387 0 0 1-1.535-1.014 4.6 4.6 0 0 1-.986-1.554 5.38 5.38 0 0 1-.354-1.983c0-.744.108-1.436.326-2.075.217-.64.537-1.19.958-1.656a4.4 4.4 0 0 1 1.545-1.09c.61-.26 1.303-.39 2.085-.39.57 0 1.12.074 1.647.223.527.148.998.374 1.414.678.416.304.754.682 1.015 1.135.26.453.41.99.447 1.61H96.44c-.174-1.103-.825-1.656-1.954-1.656zM105.856 13.137v1.768h-1.935v4.764c0 .446.075.743.224.892.15.15.447.223.893.223.15 0 .29-.006.428-.02.136-.01.266-.03.39-.055v2.047a6.26 6.26 0 0 1-.743.074c-.273.013-.54.02-.8.02-.41 0-.797-.028-1.163-.084a2.733 2.733 0 0 1-.97-.326c-.278-.16-.5-.39-.66-.688-.16-.298-.242-.69-.242-1.173v-5.677h-1.6v-1.768h1.6V10.25h2.642v2.885h1.936zM107.177 15.863c.236-.626.57-1.16 1.005-1.6a4.49 4.49 0 0 1 1.563-1.023c.608-.242 1.29-.363 2.047-.363.757 0 1.442.12 2.056.363a4.5 4.5 0 0 1 1.573 1.023c.435.44.77.974 1.006 1.6.236.627.354 1.325.354 2.094 0 .77-.118 1.464-.354 2.084-.236.622-.57 1.152-1.005 1.592-.434.44-.957.78-1.572 1.014-.614.236-1.3.354-2.056.354-.757 0-1.44-.118-2.047-.354a4.4 4.4 0 0 1-1.563-1.014c-.434-.44-.77-.97-1.005-1.59-.236-.62-.354-1.316-.354-2.085 0-.77.118-1.467.354-2.094zm2.4 3.22c.075.366.203.695.383.986.18.29.42.523.717.697.298.174.67.26 1.116.26s.822-.086 1.126-.26a2.01 2.01 0 0 0 .725-.698c.18-.292.307-.62.382-.987a5.733 5.733 0 0 0 0-2.26 2.883 2.883 0 0 0-.383-.987 2.122 2.122 0 0 0-.726-.698c-.305-.18-.68-.27-1.127-.27s-.82.09-1.116.27c-.298.18-.537.412-.717.698a2.91 2.91 0 0 0-.382.986 5.81 5.81 0 0 0 0 2.26zM121.004 13.137v1.787h.037a3.303 3.303 0 0 1 1.228-1.48c.274-.18.566-.318.876-.418.31-.1.633-.15.968-.15.174 0 .366.032.577.094v2.456a4.787 4.787 0 0 0-.448-.065 4.62 4.62 0 0 0-.502-.027c-.484 0-.893.08-1.228.242a2.13 2.13 0 0 0-.81.66 2.63 2.63 0 0 0-.437.978c-.087.372-.13.776-.13 1.21v4.336h-2.643v-9.622h2.512zM127.052 19.892v2.866h-2.922v-2.866h2.922zM133.79 14.867c-.423 0-.777.096-1.062.29-.286.192-.518.44-.698.743-.18.304-.307.64-.382 1.005s-.112.73-.112 1.09c0 .346.037.7.112 1.06.074.36.196.686.363.977.168.292.395.53.68.717.285.185.633.278 1.042.278.633 0 1.12-.177 1.46-.53.342-.354.556-.828.643-1.424h2.55c-.174 1.278-.67 2.252-1.49 2.922-.818.67-1.866 1.005-3.144 1.005-.72 0-1.38-.12-1.98-.362a4.387 4.387 0 0 1-1.536-1.014 4.6 4.6 0 0 1-.986-1.554 5.38 5.38 0 0 1-.354-1.982c0-.744.11-1.436.326-2.075.217-.64.537-1.19.958-1.656a4.4 4.4 0 0 1 1.545-1.09c.608-.26 1.303-.39 2.084-.39.57 0 1.12.074 1.647.223.527.15 1 .375 1.414.68.416.303.754.68 1.014 1.134.26.453.41.99.446 1.61h-2.587c-.17-1.104-.822-1.657-1.95-1.657zM139.93 15.863c.236-.626.57-1.16 1.005-1.6a4.49 4.49 0 0 1 1.563-1.023c.608-.242 1.29-.363 2.047-.363.757 0 1.442.12 2.056.363a4.5 4.5 0 0 1 1.574 1.023c.434.44.77.974 1.005 1.6.235.627.353 1.325.353 2.094 0 .77-.118 1.464-.354 2.084-.237.622-.572 1.152-1.006 1.592-.435.44-.958.78-1.573 1.014-.613.236-1.3.354-2.055.354-.757 0-1.44-.118-2.047-.354a4.4 4.4 0 0 1-1.563-1.014c-.434-.44-.77-.97-1.005-1.59-.236-.62-.354-1.316-.354-2.085 0-.77.118-1.467.354-2.094zm2.4 3.22c.074.366.202.695.382.986.18.29.42.523.717.697.297.174.67.26 1.116.26s.822-.086 1.126-.26a2.01 2.01 0 0 0 .726-.698c.18-.292.307-.62.382-.987a5.733 5.733 0 0 0 0-2.26 2.883 2.883 0 0 0-.382-.987 2.122 2.122 0 0 0-.726-.698c-.304-.18-.68-.27-1.126-.27s-.82.09-1.117.27c-.3.18-.538.412-.718.698a2.91 2.91 0 0 0-.382.986 5.81 5.81 0 0 0 0 2.26zM153.812 13.137v1.303h.037c.346-.496.765-.88 1.255-1.154.49-.273 1.052-.41 1.684-.41.607 0 1.162.12 1.664.355.502.237.884.652 1.145 1.248a4.08 4.08 0 0 1 1.162-1.116c.49-.322 1.07-.484 1.74-.484.508 0 .98.062 1.414.186.434.124.806.323 1.117.595.31.272.552.63.726 1.07.173.44.26.97.26 1.59v6.44h-2.643v-5.454c0-.322-.013-.626-.037-.912a1.933 1.933 0 0 0-.205-.744 1.24 1.24 0 0 0-.493-.502c-.217-.124-.512-.186-.884-.186s-.673.072-.902.214c-.23.143-.41.33-.54.558-.13.23-.217.49-.26.782a5.917 5.917 0 0 0-.065.884v5.36h-2.642V17.36c0-.285-.006-.568-.02-.847a2.39 2.39 0 0 0-.157-.772 1.19 1.19 0 0 0-.464-.568c-.217-.143-.537-.214-.958-.214-.124 0-.29.03-.493.085-.205.056-.403.16-.596.316-.194.156-.358.38-.494.67-.136.293-.205.674-.205 1.145v5.583h-2.642v-9.62h2.494z\"/>\n </symbol>\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" id=\"ic_book\" viewBox=\"0 0 16 16\">\n <path d=\"M12.5 15.5h-9c-.827 0-1.5-.673-1.5-1.5V2C2 1.173 2.673.5 3.5.5h9c.827 0 1.5.673 1.5 1.5v12c0 .827-.673 1.5-1.5 1.5Zm-9-14A.5.5 0 0 0 3 2v12a.5.5 0 0 0 .5.5h9c.275 0 .5-.225.5-.5V2a.5.5 0 0 0-.5-.5h-9Z\"/>\n <path d=\"M6.906 6.434c-.32 0-.625-.142-.838-.403-.045-.044-.09-.044-.136 0-.295.362-.77.495-1.208.339A1.076 1.076 0 0 1 4 5.345V1h1v4.345c0 .018 0 .062.058.082.06.018.086-.014.098-.027.414-.51 1.273-.51 1.688 0 .01.013.037.045.098.027C7 5.407 7 5.363 7 5.345V1h1v4.345c0 .466-.284.868-.724 1.025a1.102 1.102 0 0 1-.37.064Z\"/>\n</svg>\n\n<svg id=\"ic_grid\" viewBox=\"0 0 16 16\" xmlns=\"http://www.w3.org/2000/svg\">\n <path fill-rule=\"evenodd\" d=\"M1.5 5.501c0 .19.056.328.196.469.141.14.28.197.47.197h3.335c.19 0 .328-.056.469-.197a.61.61 0 0 0 .197-.47V2.165a.605.605 0 0 0-.197-.468.61.61 0 0 0-.47-.197H2.165a.605.605 0 0 0-.468.196.61.61 0 0 0-.197.47zm0 8.334c0 .189.056.327.196.468.141.14.28.197.47.197h3.335c.19 0 .328-.055.469-.196a.61.61 0 0 0 .197-.47v-3.335a.605.605 0 0 0-.197-.469.61.61 0 0 0-.47-.197H2.165a.605.605 0 0 0-.468.197.61.61 0 0 0-.197.47zM9.833 5.5c0 .19.056.328.197.469.14.14.28.197.47.197h3.334c.19 0 .328-.056.469-.197a.61.61 0 0 0 .197-.47V2.165a.605.605 0 0 0-.196-.468.61.61 0 0 0-.47-.197h-3.335a.605.605 0 0 0-.469.196.61.61 0 0 0-.197.47zm0 8.334c0 .189.056.327.197.468.14.14.28.197.47.197h3.334c.19 0 .328-.055.469-.196s.197-.28.197-.47v-3.335a.606.606 0 0 0-.196-.469.61.61 0 0 0-.47-.197h-3.335a.606.606 0 0 0-.469.197.61.61 0 0 0-.197.47zm-1-.002c0 .458.163.85.49 1.177s.719.49 1.177.49h3.333c.458 0 .85-.163 1.177-.49.327-.326.49-.718.49-1.177V10.5c0-.458-.163-.85-.49-1.177a1.605 1.605 0 0 0-1.177-.49H10.5c-.458 0-.85.163-1.177.49-.326.326-.49.719-.49 1.177zm0-8.333c0 .458.163.85.49 1.177.326.326.719.49 1.177.49h3.333c.458 0 .85-.163 1.177-.49s.49-.719.49-1.177V2.167c0-.458-.163-.85-.49-1.177A1.605 1.605 0 0 0 13.834.5H10.5c-.458 0-.85.163-1.177.49-.326.326-.49.718-.49 1.177zM5.5 7.167c.458 0 .85-.163 1.177-.49.326-.326.49-.719.49-1.177V2.167c0-.458-.163-.85-.49-1.177S5.958.5 5.5.5H2.167C1.709.5 1.317.663.99.99.663 1.315.5 1.707.5 2.166V5.5c0 .458.163.85.49 1.177.326.326.718.49 1.177.49zm0 8.333c.458 0 .85-.163 1.177-.49.326-.326.49-.718.49-1.177V10.5c0-.458-.163-.85-.49-1.177a1.606 1.606 0 0 0-1.177-.49H2.167c-.458 0-.85.163-1.177.49S.5 10.041.5 10.5v3.333c0 .458.163.85.49 1.177.326.327.718.49 1.177.49z\" clip-rule=\"evenodd\"/>\n</svg>\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" id=\"ic_charts\" viewBox=\"0 0 15 15\">\n <path d=\"M.938 12.813h13.125v1.25H.938zM4.07 6.875H1.555a.618.618 0 0 0-.618.618v4.382h3.75V7.493a.618.618 0 0 0-.619-.618Zm-.383 4h-1.75v-3h1.75v3ZM8.759 1.25H6.24a.616.616 0 0 0-.616.616v10.009h3.75V1.866a.616.616 0 0 0-.616-.616Zm-.384 9.625h-1.75V2.25h1.75v8.625Zm5.067-6.812h-2.51a.62.62 0 0 0-.62.62v7.192h3.75V4.683a.62.62 0 0 0-.62-.62Zm-.38 6.812h-1.75V5.062h1.75v5.813Z\"/>\n</svg>\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" id=\"ic_chat\" viewBox=\"0 0 17 17\">\n <path d=\"m2 16 .006-12.6c0-.772.58-1.4 1.294-1.4h10.4c.717 0 1.3.628 1.3 1.4v8.4c0 .772-.583 1.4-1.3 1.4H4.6L2 16ZM3.3 3c-.12 0-.294.143-.294.4l-.005 10.05 1.164-1.25H13.7c.122 0 .3-.143.3-.401V3.4c0-.257-.178-.4-.3-.4H3.3Z\"/>\n <path d=\"M5 5h7v1H5V5Zm0 2h7v1H5V7Zm0 2h5v1H5V9Z\"/>\n</svg>\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" id=\"ic_file\" viewBox=\"0 0 17 17\">\n <path d=\"M14.313 16.188H2.687V1.938c0-.62.505-1.125 1.126-1.125h6.562c.62 0 1.125.504 1.125 1.125v1.687h1.688c.62 0 1.124.505 1.124 1.125v11.438Zm-10.626-1h9.626V4.75a.125.125 0 0 0-.126-.125H10.5V1.937a.125.125 0 0 0-.125-.125H3.812a.125.125 0 0 0-.124.125v13.25Zm5.938-4h-4.75V10h4.75v1.188Zm2.5-2.813h-7.25V7h7.25v1.375Z\"/>\n</svg>\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" id=\"ic_ios\" viewBox=\"0 0 24 24\">\n <path d=\"M7.339 19.816h-5.5c-.463 0-.811-.376-.839-.839V7.137a.84.84 0 0 1 .839-.839h5.5a.84.84 0 0 1 .839.839v11.839a.839.839 0 0 1-.839.84zm-5.5-12.998a.32.32 0 0 0-.318.318v11.839a.32.32 0 0 0 .318.318h5.529a.32.32 0 0 0 .318-.318V7.137a.32.32 0 0 0-.318-.318l-5.529-.001z\"/>\n <circle cx=\"4.589\" cy=\"17.703\" r=\".579\"/>\n <circle cx=\"20.887\" cy=\"12.058\" r=\".579\"/>\n <path d=\"M22.189 19.816H9.076c-.145 0-.261-.116-.261-.261s.116-.261.261-.261H22.16a.32.32 0 0 0 .318-.318V5.024a.32.32 0 0 0-.318-.318H3.924a.32.32 0 0 0-.318.318V5.4c.029.145-.087.261-.232.289-.145.029-.261-.086-.29-.231v-.434a.84.84 0 0 1 .839-.839h18.266c.464-.001.811.376.811.839v13.982c0 .433-.376.81-.811.81z\"/>\n <path d=\"M10.118 13.65h-.289v-2.374h.289v2.374zm-.144-2.866c-.116 0-.203-.058-.232-.174-.029-.116.058-.203.174-.232h.058c.116 0 .203.058.232.174.029.116-.058.203-.174.232h-.058zm2.113 2.924c-.926 0-1.505-.666-1.505-1.708s.579-1.708 1.505-1.708 1.505.666 1.505 1.708-.579 1.708-1.505 1.708zm3.039 0c-.695 0-1.187-.376-1.216-.955h.318c.029.405.405.666.926.666s.839-.261.839-.637c0-.318-.203-.492-.695-.608l-.405-.116c-.608-.145-.897-.405-.897-.839 0-.521.492-.926 1.129-.926s1.129.376 1.129.897h-.318c-.029-.376-.347-.637-.839-.637s-.782.289-.782.637c0 .289.203.463.695.579l.347.087c.666.174.955.434.955.868.001.608-.462.984-1.186.984zm-3.039-3.126c-.724 0-1.187.55-1.187 1.418s.463 1.418 1.187 1.418 1.187-.55 1.187-1.418-.463-1.418-1.187-1.418z\"/>\n</svg>\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" id=\"ic_android\" viewBox=\"0 0 24 24\">\n <g transform=\"translate(-13 -12)\">\n <g transform=\"translate(13 12)\">\n <path d=\"M7.334 19.816H1.817A.828.828 0 0 1 1 18.999V7.147c0-.476.374-.817.817-.817h5.517c.477 0 .817.374.817.817v11.851c.035.443-.34.818-.817.818zM1.817 6.807a.342.342 0 0 0-.341.341v11.851c0 .102.034.17.102.238a.309.309 0 0 0 .238.102h5.517c.17 0 .306-.136.306-.341V7.147a.342.342 0 0 0-.341-.341H1.817z\"/>\n <circle cx=\"4.576\" cy=\"17.705\" r=\".579\"/>\n <circle cx=\"20.889\" cy=\"12.051\" r=\".579\"/>\n <path d=\"M22.183 19.816H9.071a.232.232 0 0 1-.238-.238c0-.136.102-.238.238-.238h13.112c.102 0 .17-.034.238-.102a.309.309 0 0 0 .102-.238V5.036a.309.309 0 0 0-.102-.238.309.309 0 0 0-.238-.102H3.929a.342.342 0 0 0-.341.341v.373c0 .102-.034.204-.136.238-.102.034-.204.068-.273 0s-.102-.136-.102-.238v-.409c0-.443.374-.817.852-.817h18.254c.443 0 .817.375.817.817v13.963c0 .477-.374.852-.817.852z\"/>\n </g>\n </g>\n <g transform=\"translate(-66.971 -261.917)\">\n <g transform=\"translate(480.526 -75.04) scale(1.32125)\">\n <path d=\"M-304.522 265.499c-.16 0-.325.128-.325.354 0 .206.145.351.325.351.149 0 .215-.1.215-.1v.043c0 .021.019.044.043.044h.108v-.676h-.151v.086a.259.259 0 0 0-.215-.102zm.027.138c.132 0 .201.116.201.215 0 .11-.083.215-.201.215-.099 0-.199-.08-.199-.217 0-.122.086-.213.199-.213z\"/>\n <path d=\"M-303.946 266.191a.042.042 0 0 1-.043-.044v-.633h.151v.084c.034-.052.101-.099.204-.099.168 0 .257.134.257.259v.433h-.105a.046.046 0 0 1-.046-.046v-.354c0-.07-.043-.154-.141-.154-.106 0-.169.1-.169.194v.359l-.108.001z\"/>\n <path d=\"M-302.936 265.499c-.16 0-.325.128-.325.354 0 .206.145.351.325.351.149 0 .215-.1.215-.1v.043c0 .021.019.044.044.044h.108v-1.015h-.151v.424c-.001 0-.068-.101-.216-.101zm.027.138c.132 0 .201.116.201.215 0 .11-.082.215-.201.215-.099 0-.199-.08-.199-.217 0-.122.085-.213.199-.213z\"/>\n <path d=\"M-302.36 266.191a.042.042 0 0 1-.043-.044v-.633h.151v.113a.186.186 0 0 1 .182-.12c.028 0 .054.005.054.005v.156s-.032-.013-.072-.013c-.106 0-.164.1-.164.194v.341l-.108.001z\"/>\n <path d=\"M-301.1 266.191a.042.042 0 0 1-.043-.044v-.633h.151v.676l-.108.001z\"/>\n <path d=\"M-300.549 265.499c-.16 0-.325.128-.325.354 0 .206.145.351.325.351.149 0 .215-.1.215-.1v.043c0 .021.019.044.043.044h.108v-1.015h-.151v.424a.258.258 0 0 0-.215-.101zm.027.138c.132 0 .201.116.201.215 0 .11-.083.215-.201.215-.099 0-.199-.08-.199-.217.001-.122.086-.213.199-.213z\"/>\n <circle cx=\"-301.069\" cy=\"265.269\" r=\".1\"/>\n <path d=\"M-301.618 265.499a.347.347 0 0 0-.352.352c0 .207.157.352.352.352a.352.352 0 0 0 0-.704zm.001.141c.116 0 .203.094.203.212 0 .12-.092.213-.203.213a.205.205 0 0 1-.202-.211c0-.13.094-.214.202-.214z\"/>\n </g>\n <path d=\"M82.331 272.342l.511-.885a.103.103 0 1 0-.178-.104l-.518.897a3.162 3.162 0 0 0-1.318-.281c-.478 0-.922.1-1.318.281l-.518-.897a.102.102 0 0 0-.141-.037.102.102 0 0 0-.037.141l.511.885a3.05 3.05 0 0 0-1.576 2.413h6.16a3.05 3.05 0 0 0-1.578-2.413zm-2.917 1.548a.258.258 0 1 1 0-.516.258.258 0 0 1 0 .516zm2.828 0a.258.258 0 1 1 0-.516.258.258 0 0 1 0 .516z\"/>\n </g>\n</svg>\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" id=\"ic_osx\" viewBox=\"0 0 24 24\">\n <path d=\"M12.023 8.677c-1.404 0-2.574 1.147-2.574 2.551s1.147 2.574 2.551 2.574 2.574-1.147 2.574-2.551c0-1.404-1.146-2.551-2.551-2.574zm1.241 4.119h-.304l-.936-1.334-.936 1.334h-.304l1.1-1.545-1.1-1.545h.304l.936 1.334.936-1.334h.304l-1.1 1.545 1.1 1.545z\"/>\n <path d=\"M19.817 17.383H4.206a.79.79 0 0 1-.796-.796V5.891a.79.79 0 0 1 .796-.796h15.611a.79.79 0 0 1 .796.796v10.696a.79.79 0 0 1-.796.796zM4.206 5.494a.394.394 0 0 0-.398.398v10.696a.41.41 0 0 0 .398.398h15.611a.41.41 0 0 0 .398-.398V5.891a.41.41 0 0 0-.398-.398l-15.611.001zm18.607 13.41H1.187c-.117 0-.187-.117-.187-.21 0-.094.094-.164.187-.187h21.626a.226.226 0 0 1 .187.233c-.023.094-.094.164-.187.164z\"/>\n</svg>\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" id=\"ic_windows\" viewBox=\"0 0 24 24\">\n <path d=\"M11.602 11.134V9.309l-1.989.234v1.591zm.281 0h2.504V8.981l-2.504.304zm-.281.257H9.613v1.592l1.989.234zm.281 0v1.849l2.504.305v-2.154z\"/>\n <path d=\"M19.817 17.383H4.206a.79.79 0 0 1-.796-.796V5.891a.79.79 0 0 1 .796-.796h15.611a.79.79 0 0 1 .796.796v10.696a.79.79 0 0 1-.796.796zM4.206 5.494a.394.394 0 0 0-.398.398v10.696a.41.41 0 0 0 .398.398h15.611a.41.41 0 0 0 .398-.398V5.891a.41.41 0 0 0-.398-.398l-15.611.001zm18.607 13.41H1.187c-.117 0-.187-.117-.187-.21 0-.094.094-.164.187-.187h21.626a.226.226 0 0 1 .187.233c-.023.094-.094.164-.187.164z\"/>\n</svg>\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" id=\"ic_appletv\" viewBox=\"0 0 24 24\">\n <path d=\"M12.899 10.51v-.364h-.501v-.569l-.501.114v.455h-.296v.364h.296v1.024a.778.778 0 0 0 .159.546.517.517 0 0 0 .432.159c.114 0 .25-.023.364-.046v-.387c-.068.023-.137.023-.205.023-.182 0-.25-.137-.25-.364v-.955h.502zm1.569-.364l-.319 1.092c-.046.182-.091.341-.137.501-.046-.159-.068-.319-.137-.501l-.319-1.092h-.546l.728 2.07h.501l.774-2.07h-.545zm-3.594.796c0-.228.114-.432.296-.523a.67.67 0 0 0-.523-.273c-.228-.023-.432.137-.546.137s-.296-.137-.478-.114a.645.645 0 0 0-.569.341c-.25.432-.068 1.069.182 1.411.114.182.25.364.432.364s.25-.114.455-.114c.205 0 .273.114.455.114s.319-.182.432-.341c.091-.114.159-.273.205-.41a.731.731 0 0 1-.341-.592zm-.614-1.251a.6.6 0 0 0-.16.432.487.487 0 0 0 .41-.205.576.576 0 0 0 .137-.455.758.758 0 0 0-.387.228z\"/>\n <path d=\"M22.34 4.663H1.637A.636.636 0 0 0 1 5.3v11.148c0 .341.273.637.637.637h10.192v1.888H8.758c-.091 0-.182.068-.182.182s.068.182.182.182h6.484c.091 0 .182-.068.182-.182s-.068-.182-.182-.182h-3.071v-1.888h10.192a.636.636 0 0 0 .637-.637V5.3c-.046-.364-.319-.637-.66-.637zm.296 11.762a.277.277 0 0 1-.273.273H1.66a.277.277 0 0 1-.273-.273V5.277c0-.159.137-.273.273-.273h20.703c.159 0 .273.137.273.273v11.148z\"/>\n</svg>\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" id=\"ic_cli\" viewBox=\"0 0 24 24\">\n <g transform=\"translate(-16 -12)\" id=\"Symbols\">\n <g id=\"icon-cli-copy\" transform=\"translate(16 12)\">\n <path id=\"Shape\" d=\"M22.179 20.898H1.821A.821.821 0 0 1 1 20.073V3.927a.82.82 0 0 1 .821-.825h20.357a.821.821 0 0 1 .822.825v16.146a.822.822 0 0 1-.821.825zM1.821 3.663a.26.26 0 0 0-.26.264v16.146a.26.26 0 0 0 .261.264h20.357a.26.26 0 0 0 .261-.264V3.927a.26.26 0 0 0-.261-.264H1.821z\"/>\n <circle id=\"Oval\" cx=\"3.161\" cy=\"5.279\" r=\".453\"/>\n <circle cx=\"4.67\" cy=\"5.279\" r=\".453\"/>\n <circle cx=\"6.179\" cy=\"5.279\" r=\".453\"/>\n <path id=\"Path\" d=\"M8.369 14.836a.42.42 0 0 1-.3-.127.423.423 0 0 1 0-.606l1.975-1.982-1.975-1.982a.43.43 0 0 1 .607-.606l2.281 2.281a.43.43 0 0 1 0 .606l-2.281 2.281a.431.431 0 0 1-.307.135z\"/>\n <path d=\"M15.644 13.923h-3.227a.43.43 0 0 0 0 .858h3.227a.43.43 0 0 0 0-.858z\"/>\n </g>\n </g>\n</svg>\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" id=\"ic_vpn\" viewBox=\"0 0 24 24\">\n <path d=\"M16.7 22.3H6.4c-.3 0-.5-.1-.5-.4v-20c0-.3.2-.6.5-.6h10.2c.4 0 .5.2.5.6v20c0 .2-.1.4-.4.4zm0-21.5H6.4c-.6 0-1 .5-1 1v20c0 .7.3 1 1 1h10.4c.5 0 .8-.3.8-.9V1.8c0-.6-.3-1-.9-1z\"/>\n <path d=\"M12.5 20.1h-1.9c-.2 0-.3.1-.3.3 0 .2.1.3.3.3h1.9c.2 0 .3-.1.3-.3s-.1-.3-.3-.3M10.3 9.2c0-.7.6-1.3 1.3-1.3s1.3.6 1.3 1.3v1.5h-2.6V9.2zm3.3 1.4h-.1V9.2c0-1-.8-1.9-1.9-1.9s-1.9.8-1.9 1.9v1.5h-.2c-.5 0-.9.4-.9.9V14c0 .6.4 1 .9 1h4.1c.5 0 .9-.4.9-.9v-2.5c0-.6-.4-1-.9-1z\"/>\n</svg>\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" id=\"ic_wifi\" viewBox=\"0 0 24 24\">\n <g transform=\"scale(1.4) translate(-3.5, -3.5)\">\n <path d=\"M11.9985 14.5931C11.9994 14.5939 11.9988 14.5954 11.9975 14.5954C11.4288 14.5901 10.8716 14.7556 10.3977 15.0698C10.1872 15.2264 10.1435 15.5239 10.2997 15.734C10.3137 15.7526 10.3289 15.7704 10.3455 15.7866L11.1033 16.5402C11.5998 17.0341 12.402 17.0342 12.8986 16.5404L13.6567 15.7866C13.8426 15.6011 13.8426 15.3007 13.6571 15.1157C13.641 15.0991 13.6232 15.0839 13.6045 15.0698C13.1297 14.753 12.5708 14.5863 11.9995 14.5907C11.9983 14.5907 11.9977 14.5922 11.9985 14.5931ZM15.882 12.0336C13.557 10.3863 10.4452 10.3863 8.11979 12.0336C7.69926 12.346 7.61184 12.9409 7.92501 13.3614C7.94962 13.3949 7.97721 13.4268 8.00606 13.4569C8.18599 13.6372 8.42999 13.7382 8.68502 13.737C8.87343 13.7378 9.05717 13.6801 9.21164 13.5706C10.8781 12.3824 13.1148 12.3824 14.7816 13.5706C14.9353 13.6801 15.1194 13.7378 15.3078 13.737C15.5629 13.7382 15.8073 13.6372 15.9868 13.4569C16.3547 13.0839 16.3509 12.483 15.9779 12.1147C15.9465 12.0841 15.913 12.0553 15.8773 12.029L15.882 12.0336ZM18.6623 9.37169C14.7829 6.20944 9.21503 6.20944 5.33521 9.37169C4.93547 9.71074 4.88625 10.3095 5.2253 10.7092C5.24185 10.7292 5.25967 10.7487 5.27792 10.7669C5.45615 10.9435 5.69675 11.0424 5.94712 11.0419C6.17499 11.0419 6.39651 10.963 6.57346 10.8191C9.73868 8.2582 14.2635 8.2582 17.4287 10.8191C17.6057 10.963 17.8268 11.0419 18.0551 11.0419C18.3054 11.0424 18.546 10.9435 18.7243 10.7669C19.0935 10.3952 19.0918 9.79476 18.72 9.42473C18.7018 9.40606 18.6823 9.38866 18.6623 9.37169Z\"/>\n </g>\n</svg>\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" id=\"ic_wireless\" viewBox=\"0 0 24 24\">\n <path d=\"M11.704 7.891c-.638 0-1.156.518-1.156 1.157v6.939a1.156 1.156 0 1 0 2.313 0V9.048c0-.639-.518-1.157-1.157-1.157ZM15.752 5c-.639 0-1.156.518-1.156 1.157v9.83a1.156 1.156 0 1 0 2.313 0v-9.83c0-.639-.518-1.157-1.156-1.157Zm-8.096 6.36c-.638 0-1.156.519-1.156 1.158v3.469a1.156 1.156 0 1 0 2.313 0v-3.47c0-.638-.518-1.156-1.157-1.156Z\"/>\n</svg>\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" id=\"ic_hamburger\" viewBox=\"0 0 24 24\">\n <path d=\"M1 5.126c0-.57.46-1.03 1.03-1.03h19.94a1.03 1.03 0 0 1 0 2.06H2.03A1.03 1.03 0 0 1 1 5.134v-.007zM1 12c0-.57.46-1.03 1.03-1.03h19.94a1.03 1.03 0 1 1 0 2.06H2.032A1.03 1.03 0 0 1 1 12.008V12zm0 6.876c0-.57.46-1.03 1.03-1.03h19.94a1.03 1.03 0 1 1 0 2.06H2.03A1.027 1.027 0 0 1 1 18.88v-.006z\"/>\n</svg>\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" id=\"logo_speedtest\" viewBox=\"0 0 193 24\">\n <path d=\"m35.7 19.3 1.9-2.3c1.7 1.5 3.5 2.4 5.8 2.4 2 0 3.2-.9 3.2-2.3V17c0-1.3-.7-2-4.1-2.8-3.9-.9-6.1-2.1-6.1-5.5 0-3.1 2.6-5.3 6.3-5.3 2.7 0 4.8.8 6.7 2.3l-1.7 2.4c-1.6-1.2-3.3-1.9-5-1.9-1.9 0-3 1-3 2.2v.1c0 1.4.8 2.1 4.4 2.9 3.9.9 5.9 2.3 5.9 5.4v.1c0 3.4-2.7 5.5-6.6 5.5-2.9-.2-5.5-1.1-7.7-3.1m23.9-6.1c2.4 0 3.9-1.4 3.9-3.3 0-2.2-1.5-3.3-3.9-3.3h-3.7v6.6h3.7zm-7-9.5h7.2c4.3 0 7 2.4 7 6.1v.1c0 4.1-3.3 6.3-7.3 6.3h-3.6V22h-3.2l-.1-18.3zm17 0h13.6v2.8H72.8v4.8H82v2.9h-9.2v4.9h10.5V22H69.6zm17 0h13.6v2.8H89.8v4.8H99v2.9h-9.2v4.9h10.5V22H86.6zm20.2 2.9v12.5h3.6c3.8 0 6.4-2.6 6.4-6.2v-.1c0-3.6-2.5-6.2-6.4-6.2h-3.6zm-3.2-2.9h6.8c5.8 0 9.7 3.9 9.7 9.1v.1c0 5.2-4 9.2-9.7 9.2h-6.8V3.7zm24.2 2.9H122V3.7h14.9v2.9h-5.8V22h-3.3zm12.5-2.9h13.6v2.8h-10.4v4.8h9.2v2.9h-9.2v4.9H154V22h-13.7zm16.3 15.6 1.9-2.3c1.7 1.5 3.5 2.4 5.8 2.4 2 0 3.2-.9 3.2-2.3V17c0-1.3-.7-2-4.1-2.8-3.9-.9-6.1-2.1-6.1-5.5 0-3.1 2.6-5.3 6.3-5.3 2.7 0 4.8.8 6.7 2.3l-1.7 2.4c-1.6-1.2-3.3-1.9-5-1.9-1.9 0-3 1-3 2.2v.1c0 1.4.8 2.1 4.4 2.9 3.9.9 5.9 2.3 5.9 5.4v.1c0 3.4-2.7 5.5-6.6 5.5-2.9-.2-5.5-1.1-7.7-3.1m22.1-12.7h-5.8V3.7h14.9v2.9H182V22h-3.3zM23 23c2.3-2.3 3.8-5.5 3.8-9.1C26.8 6.8 21 1 13.9 1 6.8 1 1 6.8 1 13.9c0 3.6 1.4 6.8 3.8 9.1l1.8-1.8c-1.9-1.9-3-4.4-3-7.3 0-5.7 4.6-10.3 10.3-10.3 5.7 0 10.3 4.6 10.3 10.3 0 2.8-1.2 5.4-3 7.3L23 23z\"/>\n <path d=\"m13.5 16.5-2.2-2.3 7.3-6.4 1.3 1.4zM190.8 5.1c.2 0 .4-.1.4-.3 0-.2-.1-.3-.4-.3h-.5v.6h.5zm-.8-.9h.8c.2 0 .4.1.5.2.1.1.2.2.2.4 0 .3-.2.5-.4.5l.5.7h-.4l-.4-.6h-.4V6h-.4V4.2z\"/>\n <path d=\"M190.7 3.6c-.8 0-1.5.7-1.5 1.5s.7 1.5 1.5 1.5 1.5-.7 1.5-1.5-.7-1.5-1.5-1.5m0 .2c.7 0 1.3.6 1.3 1.3 0 .7-.6 1.3-1.3 1.3-.7 0-1.3-.6-1.3-1.3 0-.7.5-1.3 1.3-1.3\"/>\n</svg>\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" id=\"ic_close\" viewBox=\"0 0 24 24\">\n <path d=\"m13.274 11.997 9.41-9.416a.913.913 0 1 0-1.247-1.334c-.016.016-.033.027-.044.044l-9.41 9.416-9.388-9.394A.912.912 0 1 0 1.26 2.554c.017.016.028.033.044.044l9.405 9.416L1.3 21.42a.913.913 0 1 0 1.246 1.334c.016-.016.033-.027.044-.044L12 13.294l9.41 9.416a.913.913 0 1 0 1.335-1.247c-.016-.016-.027-.033-.044-.044l-9.426-9.423z\"/>\n</svg>\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" id=\"ic_packet\" viewBox=\"0 0 24 24\">\n <path d=\"M12.55 9.25c-.458-.275-1.008-.092-1.283.458l-.825 1.375H6.5c-.55 0-.917.367-.917.917s.367.917.917.917h2.842l-.275.458c-.275.55-.183 1.1.275 1.375.458.275 1.008.092 1.283-.458l2.108-3.667c.367-.55.275-1.1-.183-1.375zm4.95 1.833h-2.75c-.55 0-.917.367-.917.917s.367.917.917.917h2.75c.55 0 .917-.367.917-.917 0-.458-.46-.917-.917-.917z\"/>\n <path d=\"M1 12c0 6.05 4.95 11 11 11s11-4.95 11-11S18.05 1 12 1 1 5.95 1 12zm20.167 0c0 5.042-4.125 9.167-9.167 9.167S2.833 17.042 2.833 12 6.958 2.833 12 2.833 21.167 6.958 21.167 12z\"/>\n</svg>\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" id=\"ic_jitter\" viewBox=\"0 0 24 24\">\n <path d=\"M14.472 14.244c-1.524 0-2.472-.847-3.124-1.733-1.288-1.9-4.02-1.956-4.06.565a.737.737 0 0 1-.736.74h-.003a.737.737 0 0 1-.738-.737c0-2.56 2.11-3.358 3.392-3.318 1.63-.067 2.537.776 3.227 1.75.918 1.425 3.906 2.33 4.284-.78a.738.738 0 0 1 .72-.754c.392.022.745.314.753.72-.06 3.235-2.828 3.55-3.715 3.548z\"/>\n <path d=\"M1 12c0 6.075 4.925 11 11 11 6.078 0 11-4.925 11-11S18.077 1 12 1C5.926 1 1 5.925 1 12zm20.173-.015c0 5.058-4.104 9.157-9.172 9.157-5.065 0-9.17-4.1-9.17-9.157S6.935 2.828 12 2.828c5.07 0 9.173 4.1 9.173 9.157h-.002z\"/>\n</svg>\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" id=\"ic_resolution\" viewBox=\"0 0 24 24\">\n <path d=\"M15.822 7.32c.48.002.872.372.91.842l.003.079v3.732a.92.92 0 0 1-1.837.079l-.003-.079.026-1.488-4.387 4.387h1.409a.917.917 0 0 1 .581.211l.08.074a.916.916 0 0 1-.569 1.58l-.079.002H8.217a.917.917 0 0 1-.91-.842l-.003-.079v-3.732a.92.92 0 0 1 1.837-.079l.003.079-.026 1.488 4.387-4.387h-1.408a.917.917 0 0 1-.581-.211l-.08-.074a.916.916 0 0 1 .569-1.58l.079-.002h3.738zM5.518 18.482c-3.58-3.58-3.58-9.384 0-12.964s9.384-3.58 12.963 0 3.58 9.384 0 12.963a9.166 9.166 0 0 1-12.804.156l-.159-.155zm14.26-14.26c-4.296-4.296-11.26-4.296-15.556 0s-4.296 11.26 0 15.556c4.295 4.295 11.26 4.296 15.556 0 4.247-4.247 4.295-11.101.146-15.407l-.146-.149z\"/>\n</svg>\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" id=\"ic_loadtime\" viewBox=\"0 0 24 24\">\n <path d=\"M12 1c6.075 0 11 4.925 11 11s-4.925 11-11 11S1 18.075 1 12 5.925 1 12 1zm0 1.815c-5.073 0-9.185 4.112-9.185 9.185S6.927 21.185 12 21.185s9.185-4.112 9.185-9.185S17.073 2.815 12 2.815zm3.918 4.83v-.513c0-.475.365-.864.829-.904l.078-.003c.475 0 .864.365.904.829l.003.078v3.52h-3.747a.907.907 0 0 1-.078-1.812l.078-.003h.533a4.043 4.043 0 1 0 .34 6.021.908.908 0 0 1 1.283 1.283 5.859 5.859 0 0 1-8.284-8.284 5.861 5.861 0 0 1 8.061-.212z\"/>\n</svg>\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" id=\"ic_buffering\" viewBox=\"0 0 24 24\">\n <path d=\"M12 1c6.075 0 11 4.925 11 11s-4.925 11-11 11S1 18.075 1 12 5.925 1 12 1zm0 1.833c-5.063 0-9.167 4.104-9.167 9.167S6.937 21.167 12 21.167s9.167-4.104 9.167-9.167S17.063 2.833 12 2.833z\"/>\n <circle cx=\"9.58\" cy=\"6.06\" r=\".917\"/>\n <circle cx=\"13.302\" cy=\"5.712\" r=\".917\"/>\n <circle cx=\"16.528\" cy=\"7.453\" r=\".917\"/>\n <circle cx=\"18.307\" cy=\"10.772\" r=\".917\"/>\n <circle cx=\"17.903\" cy=\"14.53\" r=\".917\"/>\n <circle cx=\"15.538\" cy=\"17.353\" r=\".917\"/>\n <circle cx=\"6.61\" cy=\"8.535\" r=\".917\"/>\n <path d=\"M5.583 11.083c.507 0 .917.411.917.917a5.5 5.5 0 0 0 5.5 5.5.917.917 0 1 1 0 1.834 7.333 7.333 0 0 1-7.333-7.333c0-.507.41-.918.916-.918z\"/>\n</svg>\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" id=\"ic_cli_prompt\" viewBox=\"0 0 24 24\">\n <path d=\"M2.162 19.341a1.14 1.14 0 0 1-.814-.345 1.148 1.148 0 0 1-.021-1.624l.021-.021L6.71 11.97 1.347 6.589a1.166 1.166 0 0 1 1.648-1.645l6.193 6.193c.452.455.452 1.19 0 1.645l-6.193 6.193a1.174 1.174 0 0 1-.833.366zm19.75-2.479h-8.761a1.167 1.167 0 0 0 0 2.329h8.761a1.167 1.167 0 0 0 0-2.329z\"/>\n</svg>\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" id=\"ic_display\" viewBox=\"0 0 24 24\">\n <path d=\"M21.234 4.14H2.766C1.786 4.14 1 4.93 1 5.903v9.04c0 .978.792 1.765 1.766 1.765h18.468c.98 0 1.766-.793 1.766-1.767V5.91c0-.98-.792-1.77-1.766-1.77zm.198 11H2.568V5.713h18.864v9.43zM8.856 18.288h6.288a.787.787 0 1 1 0 1.574H8.856a.787.787 0 1 1 0-1.574z\"/>\n</svg>\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" id=\"ic_location\" viewBox=\"0 0 24 24\">\n <path d=\"M19.305 8.39C19.305 4.313 16.077 1 12 1 8.008 1 4.695 4.143 4.695 8.22c0 1.444.595 2.888 1.104 3.822L12 23l6.286-10.958c.51-.934 1.02-2.293 1.02-3.652zM12 5.417c1.614 0 2.888 1.274 2.888 2.888S13.614 11.193 12 11.193 9.112 9.92 9.112 8.305c0-1.53 1.274-2.888 2.888-2.888z\"/>\n</svg>\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" id=\"ic_servermultiple\" viewBox=\"0 0 24 24\">\n <path d=\"M5.921 9.858v1.447l-2.605.001a.868.868 0 0 0-.86.751l-.008.118-.001 1.505 3.635.001a2.292 2.292 0 0 0 1.962 1.441l.169.006H2.447v2.373h7.527v-2.373h1.447v5.327a2.316 2.316 0 0 1-2.316 2.316H3.316A2.32 2.32 0 0 1 1 20.453v-8.279a2.316 2.316 0 0 1 2.316-2.316h2.605zm14.763 0A2.316 2.316 0 0 1 23 12.174v8.279a2.316 2.316 0 0 1-2.316 2.316h-5.789a2.316 2.316 0 0 1-2.316-2.316v-5.327h1.446v2.373h7.527v-2.373h-5.765c.967 0 1.795-.599 2.131-1.447l3.634-.001v-1.505a.868.868 0 0 0-.751-.86l-.118-.008-2.606-.001V9.858h2.607zM9.973 18.947H2.447l.001 1.506c0 .44.327.803.751.86l.118.008h5.789c.44 0 .803-.327.86-.751l.008-.118-.001-1.505zm11.579 0h-7.527l.001 1.506c0 .44.327.803.751.86l.118.008h5.789c.44 0 .803-.327.86-.751l.008-.118v-1.505zM14.895 1.232a2.316 2.316 0 0 1 2.316 2.316v8.279a2.316 2.316 0 0 1-2.316 2.316h-5.79a2.316 2.316 0 0 1-2.316-2.316v-8.28a2.316 2.316 0 0 1 2.316-2.316h5.79zm.868 9.088H8.236l.001 1.506c0 .44.327.803.751.86l.118.008h5.789c.44 0 .803-.327.86-.751l.008-.118V10.32zm0-3.82H8.236v2.373h7.527V6.5zm-.868-3.821h-5.79a.868.868 0 0 0-.86.751l-.008.117-.001 1.505h7.527V3.547a.868.868 0 0 0-.751-.86l-.117-.008z\"/>\n</svg>\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" id=\"ic_serversingle\" viewBox=\"0 0 24 24\">\n <path d=\"M18.188 1a2.75 2.75 0 0 1 2.75 2.75v16.5a2.75 2.75 0 0 1-2.75 2.75H5.812a2.75 2.75 0 0 1-2.75-2.75V3.75A2.75 2.75 0 0 1 5.812 1h12.376zm1.031 15.331H4.781v3.919a1.045 1.045 0 0 0 1.031 1.031h12.375a1.045 1.045 0 0 0 1.031-1.031v-3.919zm-2.063 2.2a.688.688 0 1 1 0 1.376.688.688 0 0 1 0-1.376zm-2.75 0a.688.688 0 1 1 0 1.376.688.688 0 0 1 0-1.376zm4.813-9.144H4.781v5.225h14.438V9.387zm-2.063 2.476a.688.688 0 1 1 0 1.376.688.688 0 0 1 0-1.376zm-2.75 0a.688.688 0 1 1 0 1.376.688.688 0 0 1 0-1.376zm3.782-9.144H5.812A1.045 1.045 0 0 0 4.781 3.75v3.919h14.438V3.75a1.045 1.045 0 0 0-1.031-1.031zm-1.032 2.2a.688.688 0 1 1 0 1.376.688.688 0 0 1 0-1.376zm-2.75 0a.688.688 0 1 1 0 1.376.688.688 0 0 1 0-1.376z\"/>\n</svg>\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" id=\"ic_ethernet\" viewBox=\"0 0 24 24\">\n <g transform=\"scale(1.4) translate(-3.5, -3.5)\">\n <path xmlns=\"http://www.w3.org/2000/svg\" d=\"M7.558 9.5v-.25a.654.654 0 0 1 .463 1.116L6.332 12.06l1.69 1.698.003.003a.654.654 0 0 1-.924.924l-.004-.003-2.157-2.157a.654.654 0 0 1 0-.925L7.093 9.45a.65.65 0 0 1 .462-.199l.003.25Zm8.884 5.111v.25a.654.654 0 0 1-.463-1.115l1.688-1.696-1.69-1.697-.004-.003a.654.654 0 0 1 .925-.925l.003.003 2.158 2.158a.654.654 0 0 1 0 .924l-2.152 2.152a.65.65 0 0 1-.462.2l-.003-.25ZM11.817 11.073c-.547 0-1 .435-1 .983s.453.982 1 .982c.546 0 1-.434 1-.982a.992.992 0 0 0-1-.983Z\" />\n <path xmlns=\"http://www.w3.org/2000/svg\" d=\"M9.25 11.073a1 1 0 1 0 0 2 1 1 0 0 0 0-2ZM14.317 11.073c-.547 0-1 .435-1 .983s.453.982 1 .982c.546 0 1-.434 1-.982a.992.992 0 0 0-1-.983Z\"/>\n </g>\n</svg>\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" id=\"ic_bluetooth\" viewBox=\"0 0 15 24\">\n <g transform=\"scale(1.4) translate(-3.5, -3.5)\">\n <path xmlns=\"http://www.w3.org/2000/svg\" d=\"M5.584 2.826v3.782l1.942-1.912-1.942-1.87Zm0 6.426v3.988l2.147-1.909-2.147-2.079ZM5.038 15a.545.545 0 0 1-.545-.545V9.21l-2.565 2.526a.545.545 0 1 1-.765-.777L4.23 7.941 1.279 5.083a.545.545 0 0 1 .758-.783L4.493 6.68V1.545a.545.545 0 0 1 .923-.392l3.269 3.146a.544.544 0 0 1 .005.781l-2.9 2.855 3.12 3.022a.544.544 0 0 1-.016.8L5.4 14.861a.545.545 0 0 1-.363.138Z\"/>\n <path xmlns=\"http://www.w3.org/2000/svg\" d=\"m5.584 2.826.174-.18-.424-.407v.587h.25Zm0 3.782h-.25v.597l.426-.419-.176-.178Zm1.942-1.912.176.178.183-.18-.185-.178-.174.18ZM5.584 9.252l.174-.18-.424-.41v.59h.25Zm0 3.988h-.25v.557l.416-.37-.166-.187Zm2.147-1.909.166.187.201-.18-.193-.186-.174.18Zm-2.916 3.621.103-.228-.103.228Zm-.322-5.74h.25v-.598l-.425.42.175.177Zm-2.565 2.525-.176-.178.176.178Zm-.771-.006.178-.175-.178.175Zm.006-.77-.176-.179.176.178ZM4.23 7.94l.175.178.182-.18-.184-.177-.173.18ZM1.279 5.083l-.175.18.175-.18Zm.758-.783.174-.18-.174.18ZM4.493 6.68l-.174.18.424.41v-.59h-.25Zm.332-5.635.098.23-.098-.23Zm.591.109.174-.18-.174.18Zm3.269 3.146-.173.18.173-.18Zm.005.781.175.178-.175-.178Zm-2.9 2.855-.175-.178-.183.18.184.177.174-.18Zm3.12 3.022-.173.18.174-.18Zm.166.403-.25-.005.25.005Zm-.182.396-.166-.187.166.187ZM5.4 14.862l.166.187-.166-.187ZM5.334 2.826v3.782h.5V2.826h-.5Zm.426 3.96 1.942-1.912-.351-.356L5.409 6.43l.35.356Zm1.94-2.27-1.942-1.87-.347.36 1.942 1.87.347-.36ZM5.334 9.252v3.988h.5V9.252h-.5Zm.416 4.175 2.147-1.91-.332-.373-2.147 1.91.332.373Zm2.155-2.275-2.147-2.08-.348.36 2.147 2.079.348-.36ZM5.038 14.75a.29.29 0 0 1-.12-.026l-.206.456c.105.047.216.07.326.07v-.5Zm-.12-.026a.295.295 0 0 1-.175-.27h-.5c0 .314.184.598.47.726l.205-.456Zm-.175-.27V9.212h-.5v5.244h.5Zm-.425-5.42-2.566 2.525.351.356L4.67 9.39l-.351-.356Zm-2.566 2.525a.295.295 0 0 1-.417-.003l-.357.35a.795.795 0 0 0 1.125.01l-.35-.357Zm-.417-.003a.295.295 0 0 1 .003-.417l-.35-.357a.795.795 0 0 0-.01 1.124l.357-.35Zm.003-.417 3.067-3.02-.35-.356-3.068 3.02.351.356Zm3.065-3.377-2.95-2.858-.348.359 2.95 2.858.348-.36Zm-2.95-2.858a.295.295 0 0 1-.007-.418l-.359-.348a.795.795 0 0 0 .017 1.125l.349-.36Zm-.007-.418c.114-.116.3-.12.418-.006l.347-.36a.796.796 0 0 0-1.124.018l.36.348Zm.417-.006L4.32 6.859l.348-.36-2.456-2.378-.348.359Zm2.88 2.199V1.545h-.5V6.68h.5Zm0-5.134c0-.118.071-.225.18-.271l-.195-.46a.795.795 0 0 0-.485.731h.5Zm.18-.271a.295.295 0 0 1 .32.059l.347-.36a.795.795 0 0 0-.863-.16l.196.46Zm.32.059 3.269 3.146.346-.36L5.59.972l-.347.36Zm3.269 3.146c.057.056.09.131.09.21l.5-.002a.794.794 0 0 0-.244-.568l-.346.36Zm.09.21c0 .08-.031.157-.088.213l.351.356a.796.796 0 0 0 .237-.57l-.5.002Zm-.088.213-2.9 2.855.351.356 2.9-2.855-.35-.356ZM5.616 8.114l3.12 3.023.349-.36-3.121-3.022-.348.36Zm3.12 3.023a.294.294 0 0 1 .09.218l.5.01a.794.794 0 0 0-.242-.587l-.347.36Zm.09.219a.293.293 0 0 1-.098.213l.332.374a.794.794 0 0 0 .266-.578l-.5-.01Zm-.099.213-3.492 3.106.332.374 3.493-3.106-.333-.374Zm-3.492 3.106a.296.296 0 0 1-.197.075v.5c.191 0 .38-.069.529-.2l-.332-.375Z\"/>\n <path xmlns=\"http://www.w3.org/2000/svg\" d=\"M5.584 2.826v3.782l1.942-1.912-1.942-1.87Zm0 6.427v3.988l2.146-1.91-2.146-2.078ZM5.038 15a.545.545 0 0 1-.545-.545V9.21l-2.565 2.526a.545.545 0 1 1-.765-.777L4.23 7.941 1.279 5.083a.545.545 0 0 1 .758-.783L4.493 6.68V1.545a.545.545 0 0 1 .923-.392l3.269 3.146a.544.544 0 0 1 .005.781l-2.9 2.855 3.12 3.022a.544.544 0 0 1-.016.8L5.4 14.861a.545.545 0 0 1-.363.138Z\"/>\n </g>\n</svg>\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" id=\"ic_trash\" viewBox=\"0 0 24 24\">\n <path d=\"M21.487 4.025H2.512c-.412 0-.825.275-.825.825s.275.825.825.825h18.975c.413 0 .825-.412.825-.825-.137-.412-.412-.825-.825-.825zM10.762 2.513h2.613c.413 0 .825-.275.825-.825S13.65 1 13.237 1h-2.475c-.412 0-.825.275-.825.825s.413.688.825.688zM19.975 7.188c-.413 0-.825.275-.825.688l-1.65 11.55c-.138 1.1-1.1 1.925-2.338 2.062H8.7c-1.1 0-2.062-.825-2.337-2.062L4.85 7.738c0-.413-.275-.825-.688-.825s-.825.275-.825.687v.275l1.65 11.688C5.262 21.625 6.912 23 8.837 23H15.3c1.925 0 3.575-1.375 3.85-3.3L20.8 8.013c0-.413-.275-.825-.825-.825z\"/>\n</svg>\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" id=\"ic_server\" viewBox=\"0 0 24 24\">\n <path d=\"M20.132 2.392v19.215H3.868V2.392h16.264M20.242 1H3.758a1.26 1.26 0 0 0-1.28 1.28v19.44c0 .723.556 1.28 1.28 1.28h16.486a1.26 1.26 0 0 0 1.28-1.28V2.224c0-.668-.556-1.225-1.28-1.225z\"/>\n <path d=\"M16.01 9.856H8.157a.677.677 0 0 0-.668.668c0 .39.333.668.667.668h7.853c.39 0 .668-.334.668-.668a.677.677 0 0 0-.668-.668zM16.01 6.068H8.157a.677.677 0 0 0-.668.668c0 .39.333.668.667.668h7.853c.39 0 .668-.334.668-.668s-.278-.668-.668-.668z\"/>\n</svg>\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" id=\"ic_share\" viewBox=\"0 0 24 24\">\n <path d=\"M19.5 8.496a.75.75 0 0 0-.748.748V21.5H5.248V9.25a.75.75 0 0 0-1.496 0v13A.75.75 0 0 0 4.5 23h15a.75.75 0 0 0 .748-.748V9.25a.75.75 0 0 0-.748-.754zM9.544 5.278l1.722-1.722V16.75a.75.75 0 0 0 1.496 0V3.557l1.722 1.722a.754.754 0 0 0 1.062-.04.747.747 0 0 0 0-1.022l-3.003-2.998a.753.753 0 0 0-1.062 0L8.484 4.216a.755.755 0 0 0 .038 1.062.75.75 0 0 0 1.024 0z\"/>\n</svg>\n\n<svg id=\"ic_mobile\" viewBox=\"0 0 16 30\" xmlns=\"http://www.w3.org/2000/svg\">\n <path fill=\"none\" stroke=\"currentColor\" d=\"M11.75 5C13.578 5 15 6.375 15 8v14c0 1.625-1.422 3-3.25 3h-7.5C2.422 25 1 23.625 1 22V8c0-1.625 1.422-3 3.25-3h7.5Z\"/>\n <rect width=\"3.75\" height=\"1.5\" x=\"6.125\" y=\"21\" fill=\"currentColor\" rx=\".75\"/>\n</svg>\n\n<svg id=\"ic_desktop\" viewBox=\"0 0 30 30\" xmlns=\"http://www.w3.org/2000/svg\">\n <path fill=\"none\" stroke=\"currentColor\" d=\"M.5 7c0-1.964 1.485-3.5 3.25-3.5h22.5c1.765 0 3.25 1.536 3.25 3.5v16c0 1.964-1.485 3.5-3.25 3.5H3.75C1.985 26.5.5 24.964.5 23V7Z\"/>\n <circle cx=\"4.688\" cy=\"7.688\" r=\".5\" fill=\"currentColor\" stroke=\"currentColor\" stroke-width=\".875\"/>\n <circle cx=\"8.438\" cy=\"7.688\" r=\".5\" fill=\"currentColor\" stroke=\"currentColor\" stroke-width=\".875\"/>\n <circle cx=\"12.188\" cy=\"7.688\" r=\".5\" fill=\"currentColor\" stroke=\"currentColor\" stroke-width=\".875\"/>\n</svg>\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" id=\"ic_tablet\" viewBox=\"0 0 30 30\" fill=\"none\">\n <path fill=\"none\" stroke=\"currentColor\" d=\"M.5 8c0-1.625 1.422-3 3.25-3h22.5c1.828 0 3.25 1.375 3.25 3v14c0 1.625-1.422 3-3.25 3H3.75C1.922 25 .5 23.625.5 22V8Z\"/>\n <circle cx=\"24\" cy=\"15\" r=\"1\" fill=\"currentColor\" stroke=\"currentColor\"/>\n</svg>\n\n<svg id=\"ic_search\" viewBox=\"0 0 24 24\" fill=\"none\" xmlns=\"http://www.w3.org/2000/svg\" >\n <path fill-rule=\"evenodd\" clip-rule=\"evenodd\" d=\"M4.25 10.625C4.25 7.38033 6.88033 4.75 10.125 4.75C13.3697 4.75 16 7.38033 16 10.625C16 13.8697 13.3697 16.5 10.125 16.5C6.88033 16.5 4.25 13.8697 4.25 10.625ZM10.125 3.5C6.18997 3.5 3 6.68997 3 10.625C3 14.56 6.18997 17.75 10.125 17.75C11.9383 17.75 13.5934 17.0726 14.8511 15.9571L19.6831 20.7891C19.9272 21.0332 20.3229 21.0332 20.567 20.7891C20.811 20.545 20.811 20.1493 20.567 19.9052L15.7106 15.0489C16.6744 13.8336 17.25 12.2965 17.25 10.625C17.25 6.68997 14.06 3.5 10.",
"body_murmur": 1191635668,
"body_sha256": "545ab7e62055975744536d828872e17e01b196c4561c45df8762688aaba5466b",
"component": [
"Google Tag Manager",
"Cloudflare"
],
"content_length": -1,
"favicon": {
"md5_hash": "4c2b709ede318666dcdb5e94f3597227",
"murmur_hash": -1354027319,
"path": "http://www.speedtest.net:80/favicon.ico",
"size": 101988
},
"headers": {
"accept_ranges": [
"bytes"
],
"cache_control": [
"private"
],
"connection": [
"keep-alive"
],
"content_security_policy": [
"frame-ancestors 'none'; upgrade-insecure-requests"
],
"content_type": [
"text/html; charset=utf-8"
],
"date": [
"Sun, 08 Feb 2026 03:24:09 GMT"
],
"etag": [
"W/\"22c4f-2y5X1CM2/WlBzt4ScPki2hZCNIs\""
],
"server": [
"cloudflare"
],
"set_cookie": [
"st4-sid=s%3AeNR3MzqW-HyfJ7GCejJtPEjzA99QrELM.AZq6s%2FLf3pbQnd%2Fwz2JmpfOZKpIlLH34k0kfGbPgwBI; Domain=speedtest.net; Path=/; Expires=Sun, 08 Feb 2026 03:54:09 GMT",
"__cf_bm=ikUS.IpPESQIpRM.WJwqTR2YHbiSPfQMqkQxrSCej84-1770521049-1.0.1.1-5g4LeWKpMhrjFESPTJNdHQEERo5Kq8b36mGNuv44hYLDZoSR9gXr1thzAZutMrqrL0WswtjsI28AnYFMVWksX0MrNiYq.A8EcTYHT6QSrrk; path=/; expires=Sun, 08-Feb-26 03:54:09 GMT; domain=.www.speedtest.net; HttpOnly; Secure; SameSite=None"
],
"unknown": [
{
"key": "cf_cache_status",
"value": [
"DYNAMIC"
]
},
{
"key": "cf_ray",
"value": [
"9ca8032d8822692e-FRA"
]
},
{
"key": "access_control_allow_credentials",
"value": [
"true"
]
}
],
"vary": [
"Origin, Accept-Encoding"
],
"x_frame_options": [
"DENY"
]
},
"protocol": "HTTP/1.1",
"redirects": [
{
"headers": {
"content_length": [
"0"
],
"content_type": [
"text/html"
],
"date": [
"Sun, 08 Feb 2026 03:24:08 GMT"
],
"location": [
"https://ugm.speedtest.net"
],
"server": [
"Apache/2.4.7 (Ubuntu)"
],
"x_powered_by": [
"PHP/5.5.9-1ubuntu4.17"
]
},
"location": "https://ugm.speedtest.net",
"protocol": "HTTP/1.1",
"status_code": 301,
"status_line": "301 Moved Permanently"
},
{
"body": "Moved Permanently. Redirecting to https://www.speedtest.net/server/ugm",
"body_murmur": 66599140,
"body_sha256": "fbf12a910a7d3b45cce52c617d9df4d378b328e2d4cd34b7afe4b8db3c3caad3",
"content_length": 70,
"headers": {
"accept_ranges": [
"bytes"
],
"connection": [
"keep-alive"
],
"content_length": [
"70"
],
"content_type": [
"text/plain; charset=utf-8"
],
"date": [
"Sun, 08 Feb 2026 03:24:09 GMT"
],
"location": [
"https://www.speedtest.net/server/ugm"
],
"vary": [
"Accept"
]
},
"location": "https://www.speedtest.net/server/ugm",
"protocol": "HTTP/1.1",
"status_code": 301,
"status_line": "301 Moved Permanently"
}
],
"request": {
"headers": {
"accept": [
"*/*"
],
"referer": [
"https://ugm.speedtest.net"
],
"user_agent": [
"Mozilla/5.0 (compatible; Odin; https://docs.getodin.com/)"
]
},
"method": "GET",
"url": {
"host": "www.speedtest.net",
"path": "/server/ugm",
"scheme": "https"
}
},
"status_code": 200,
"title": "Speedtest by Ookla - The Global Broadband Speed Test",
"transfer_encoding": [
"chunked"
]
}
},
"cve": [
{
"id": "CVE-2006-20001",
"score": 7.5,
"severity": "high"
},
{
"id": "CVE-2013-5704",
"score": 5,
"severity": "medium"
},
{
"id": "CVE-2013-6438",
"score": 5,
"severity": "medium"
}
],
"url": "http://175.111.88.29/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2026-02-08T03:24:10.582Z"
},
{
"port": 5060,
"protocol": "tcp",
"name": "http",
"version": "",
"product": "",
"extra_info": "",
"tunnel": "ssl",
"modules": {
"http": {
"body": "<html><head><title>OoklaServer</title></head><body><h1>OoklaServer</h1><p>It worked!<br /></p></body></html>\n",
"body_murmur": 1393880461,
"body_sha256": "80ede6d3596fe35bda38d7ac416063da77e519cdb00b03b713f60b66a97fa186",
"content_length": 109,
"headers": {
"cache_control": [
"no-store"
],
"connection": [
"Keep-Alive"
],
"content_length": [
"109"
],
"content_security_policy": [
"default-src 'none'; frame-ancestors 'none'; script-src 'none'; object-src 'none'; connect-src *; upgrade-insecure-requests"
],
"content_type": [
"text/html"
],
"date": [
"Mon, 09 Feb 2026 16:54:31 GMT"
],
"strict_transport_security": [
"max-age=6020016; includeSubDomains"
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"DENY"
]
},
"protocol": "HTTP/1.1",
"request": {
"headers": {
"accept": [
"*/*"
],
"user_agent": [
"Mozilla/5.0 (compatible; Odin; https://docs.getodin.com/)"
]
},
"method": "GET",
"url": {
"host": "175.111.88.29:5060",
"path": "",
"scheme": "http"
}
},
"status_code": 200,
"title": "OoklaServer"
},
"tls": {
"certificate": {
"extensions": {
"authority_info_access": {
"issuer_urls": [
"http://r12.i.lencr.org/"
]
},
"authority_key_id": "00b529f22d8e6f31e89b4cad783efadce90cd1d2",
"basic_constraints": {
"is_ca": true
},
"certificate_policies": [
{
"id": "2.23.140.1.2.1"
}
],
"crl_distribution_points": [
"http://r12.c.lencr.org/28.crl"
],
"ct_precert_scts": "Signed Certificate Timestamp:\n Version : v1 (0x0)\n Log ID : 0E:57:94:BC:F3:AE:A9:3E:33:1B:2C:99:07:B3:F7:90:\n DF:9B:C2:3D:71:32:25:DD:21:A9:25:AC:61:C5:4E:21\n Timestamp : Jan 20 10:06:39.096 2026 GMT\n Extensions: none\n Signature : ecdsa-with-SHA256\n 30:44:02:20:0E:60:54:C7:BE:6C:D4:00:3B:C5:18:A3:\n 56:FE:2E:65:49:AF:94:F9:29:0F:39:F7:4E:62:D0:D7:\n 2D:05:A6:27:02:20:38:D7:5F:A5:99:FE:36:7F:C6:34:\n 68:1E:67:81:0A:C0:16:7D:AA:2D:FE:16:BF:EE:F5:9C:\n 76:0E:EE:93:21:49\nSigned Certificate Timestamp:\n Version : v1 (0x0)\n Log ID : E3:23:8D:F2:8D:A2:88:E0:AA:E0:AC:F0:FA:90:C9:85:\n F0:B6:BF:F5:D2:A5:27:B0:01:FC:1C:44:58:C4:B6:E8\n Timestamp : Jan 20 10:06:39.524 2026 GMT\n Extensions: 00:00:05:00:2F:F3:C4:CA\n Signature : ecdsa-with-SHA256\n 30:45:02:20:02:47:09:5B:23:0A:CB:FF:78:02:59:F1:\n 81:78:70:44:3D:A9:4A:2A:F7:AF:42:11:F8:F2:54:86:\n 32:CB:0E:B2:02:21:00:D1:67:CA:99:02:A9:2C:C4:94:\n 61:71:D1:11:5D:E7:91:BE:75:7C:50:0D:92:76:0D:84:\n AB:B4:0D:C3:40:15:05",
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": false,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": true
},
"subject_alt_name": {
"dns_names": [
"server-8922.prod.hosts.ooklaserver.net",
"speedtest.ugm.ac.id.prod.hosts.ooklaserver.net"
]
},
"subject_key_id": "62895ad09aac4ced29111989620faf5143ae2062"
},
"fingerprint_md5": "697DE10D70617550DC2A6882C8304C12",
"fingerprint_sha1": "C8EB9FEB27550D47B7834A73F25ED1497385468B",
"fingerprint_sha256": "5DDEEAF3DA39AD380338BBA91CE07C42C6475CFEDDBC10356C02B713E5451D7F",
"issuer": {
"common_name": [
"R12"
],
"country": [
"US"
],
"organization": [
"Let's Encrypt"
]
},
"issuer_dn": "/C=US/O=Let's Encrypt/CN=R12",
"jarm": "21d08d00021d21d00042d43d000000107066a9db8d16b0a001ff4969166ce7",
"redacted": false,
"revocation": {
"crl": {
"next_update": "2026-02-18T16:57:07",
"reason": "UNKNOWN",
"revoked": false
},
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "455750292304163618913864951758501516566299",
"signature": {
"algorithm": {
"name": "SHA256-RSA",
"oid": "1.2.840.113549.1.1.11"
},
"self_signed": false,
"value": "MDY5YzY4MDA2YTI0MTJjOWU5ZjkxNjA4NGM3N2ZlODQzNmJiZmEyOTA1OTEwNWMwMjQyNGU5NjI5ZWMxZWY0NDU4MTZkZGE0NDAyN2FhNGMxNzQ3OTNlOWY1NzY1YWE3ZGY2MGUxZTU5ZWM2Y2MwM2UyMmE2MTk4YjQ2YTM3Njk5NzBkYTcxMzM3ZmQ3NzkyYjdlYWVjYjljNDc5ZjI0OWRkNDg0YjMxZTg0YmVjY2NiNzlmMTNlZDM2NjdiZmNmNGEzODQyM2U4OWUzYTQ0ZTUxOTE3Nzc2NzQyMzc0ZDE1MDAwYTg3OGEzM2U0Y2RiMmMxZTBjZGVjMWQzZDMwMDYyNjY4ODk3OTlmZDY5OGEzNTBkNGNmZTFhZjhlNTQyODhkNjU3OGZjMzAyY2UzZWVlNmY0NTIxNzg4NTM2ZjMyNzVhMDI1NjVmMjg1YjJmOWQ3NzljNWZhMjMyNTE5ZGUxMWJkMDRmZTM1ZTY0YTdiN2NkMTkxMGNjNDdjMjc5ZGM3Y2NlZWNmOWYxZDljOTRkODA5YzYyMjVjYmVhZjhkM2U2N2U4N2I2N2YxMTMwZTA1MDA1MjU2Y2Q1YjE3YzgxZWNkNjdiNTUwMWY1MDE0N2EzODgyZGY0YjMxODRkZjM1ZjIwZGNhNjRkMDVkMThkZTAwNTc0OWU5Yzc0ZDQ="
},
"signed_certificate_timestamps": [
{
"entry_type": "PRE_CERTIFICATE",
"log_id": "0e5794bcf3aea93e331b2c9907b3f790df9bc23d713225dd21a925ac61c54e21",
"signature": {
"algorithm": "ECDSA",
"hash_algorithm": "SHA256",
"value": "304402200e6054c7be6cd4003bc518a356fe2e6549af94f9290f39f74e62d0d72d05a627022038d75fa599fe367fc634681e67810ac0167daa2dfe16bfeef59c760eee932149"
},
"timestamp": "2026-01-20T10:06:39.096000",
"version": "v1"
},
{
"entry_type": "PRE_CERTIFICATE",
"log_id": "e3238df28da288e0aae0acf0fa90c985f0b6bff5d2a527b001fc1c4458c4b6e8",
"signature": {
"algorithm": "ECDSA",
"hash_algorithm": "SHA256",
"value": "304502200247095b230acbff780259f1817870443da94a2af7af4211f8f2548632cb0eb2022100d167ca9902a92cc4946171d1115de791be757c500d92760d84abb40dc3401505"
},
"timestamp": "2026-01-20T10:06:39.524000",
"version": "v1"
}
],
"signed_certificate_timestamps_oid": "1.3.6.1.4.1.11129.2.4.2",
"subject": {
"common_name": [
"server-8922.prod.hosts.ooklaserver.net"
]
},
"subject_alt_name": {
"dns_names": [
"server-8922.prod.hosts.ooklaserver.net",
"speedtest.ugm.ac.id.prod.hosts.ooklaserver.net"
],
"extended_dns_names": [
{
"domain": "ooklaserver",
"fld": "ooklaserver.net",
"subdomain": "server-8922.prod.hosts",
"tld": "net"
},
{
"domain": "ooklaserver",
"fld": "ooklaserver.net",
"subdomain": "speedtest.ugm.ac.id.prod.hosts",
"tld": "net"
}
]
},
"subject_dn": "/CN=server-8922.prod.hosts.ooklaserver.net",
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "3e4f1fee3de7b6b3fcc4fbbeccd5c51efc4dbc3ac14a7d659d0ed84e662ffb78",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 2048,
"modulus": "MHhhYWZkYjQ4NDkxMTFlNmU4OWM0OTlmYWIwMmEwMDUwZmZjNTAzYzA5ZDE2MjcyZjcwMzI3NjNjMmI1YTc1YTQ1ZmI5NDAyYjg2NDY2ODY5ODU0MzEzY2UzOThkODk2MjRmODg5YzNkNTIxOWQyZGVkOTFkNmQ5MGM1YjQ3NTc5MmZlODIyYmY3OGNmODdjZmIwNzllMTY4NTJjMGFkYzhlN2FiNDA0OWExZWQ2MzU1MTMwODhmMWY4Y2JlYmViMTA5NTI2MjY1NGE4MDNkMGRmNTI4NmQ0ZTA1YzFiNWQyZDU0YzExZjkwMWE4MjcwMTgzMzhiNzU3MmE2NWQzMTlhNDFhZDE0ZDk3ZTRlODIwMzVlMDZiMDkwNTE4NjkzMWMzM2M0YWM1NzdmMWY4OTY0MGY0ZTZhNmQ0OGZjN2I2MjlmNjZmMTkzODEwMTA3YWQwYTgwNDFhNzY5YzJlNjczMjg5YWI3OTEyMzI5ZTAxNGQwNWYzNjRiMzQ2MmIzMDEwNTVmMzg2Mjg5MTZlZGZjYmY2Y2M1MThjY2RmZGZmNDE1YWY4OGI3NTJlNjlmNGYyY2M1YTgyZjFmNTUwYTBhNWFiZmUzMGQxZWIzOTkzZTQzMDNmZDM4ZjExY2IxOTE5N2RlOTU5MDVmMjQ0YzNmY2ZhNjA3OTY2YWQ2MjE1Mw=="
}
},
"tbs_fingerprint": "1aba49f3054626ef3f3ef45b8c47a8f00d8d766be08ebf3d8e4221ada05d9e78",
"tbs_noct_fingerprint": "1512bff5a051fcbab1e25beb3d72694ed4ff985674466bb7396bce9137438453",
"validation_level": "DV",
"validity": {
"length_seconds": 7775999,
"not_after": "2026-04-20T09:08:08",
"not_before": "2026-01-20T09:08:09"
},
"version": 2
},
"fingerprint_sha256": "5DDEEAF3DA39AD380338BBA91CE07C42C6475CFEDDBC10356C02B713E5451D7F",
"precert": false,
"raw": "MIIFXzCCBEegAwIBAgISBTtUaYLc2hTqjtbuKLbO+l8bMA0GCSqGSIb3DQEBCwUAMDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQDEwNSMTIwHhcNMjYwMTIwMDkwODA5WhcNMjYwNDIwMDkwODA4WjAxMS8wLQYDVQQDEyZzZXJ2ZXItODkyMi5wcm9kLmhvc3RzLm9va2xhc2VydmVyLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKr9tISREebonEmfqwKgBQ/8UDwJ0WJy9wMnY8K1p1pF+5QCuGRmhphUMTzjmNiWJPiJw9UhnS3tkdbZDFtHV5L+giv3jPh8+weeFoUsCtyOerQEmh7WNVEwiPH4y+vrEJUmJlSoA9DfUobU4FwbXS1UwR+QGoJwGDOLdXKmXTGaQa0U2X5OggNeBrCQUYaTHDPErFd/H4lkD05qbUj8e2KfZvGTgQEHrQqAQadpwuZzKJq3kSMp4BTQXzZLNGKzAQVfOGKJFu38v2zFGMzf3/QVr4i3UuafTyzFqC8fVQoKWr/jDR6zmT5DA/048RyxkZfelZBfJEw/z6YHlmrWIVMCAwEAAaOCAm0wggJpMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUYola0JqsTO0pERmJYg+vUUOuIGIwHwYDVR0jBBgwFoAUALUp8i2ObzHom0yteD763OkM0dIwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzAChhdodHRwOi8vcjEyLmkubGVuY3Iub3JnLzBhBgNVHREEWjBYgiZzZXJ2ZXItODkyMi5wcm9kLmhvc3RzLm9va2xhc2VydmVyLm5ldIIuc3BlZWR0ZXN0LnVnbS5hYy5pZC5wcm9kLmhvc3RzLm9va2xhc2VydmVyLm5ldDATBgNVHSAEDDAKMAgGBmeBDAECATAuBgNVHR8EJzAlMCOgIaAfhh1odHRwOi8vcjEyLmMubGVuY3Iub3JnLzI4LmNybDCCAQsGCisGAQQB1nkCBAIEgfwEgfkA9wB1AA5XlLzzrqk+MxssmQez95Dfm8I9cTIl3SGpJaxhxU4hAAABm9re4/gAAAQDAEYwRAIgDmBUx75s1AA7xRijVv4uZUmvlPkpDzn3TmLQ1y0FpicCIDjXX6WZ/jZ/xjRoHmeBCsAWfaot/ha/7vWcdg7ukyFJAH4A4yON8o2iiOCq4Kzw+pDJhfC2v/XSpSewAfwcRFjEtugAAAGb2t7lpAAIAAAFAC/zxMoEAwBHMEUCIAJHCVsjCsv/eAJZ8YF4cEQ9qUoq969CEfjyVIYyyw6yAiEA0WfKmQKpLMSUYXHREV3nkb51fFANknYNhKu0DcNAFQUwDQYJKoZIhvcNAQELBQADggEBAAacaABqJBLJ6fkWCEx3/oQ2u/opBZEFwCQk6WKewe9EWBbdpEAnqkwXR5Pp9XZap99g4eWexswD4iphmLRqN2mXDacTN/13krfq7LnEefJJ3UhLMehL7My3nxPtNme/z0o4Qj6J46ROUZF3dnQjdNFQAKh4oz5M2yweDN7B09MAYmaIl5n9aYo1DUz+GvjlQojWV4/DAs4+7m9FIXiFNvMnWgJWXyhbL513nF+iMlGd4RvQT+NeZKe3zRkQzEfCedx8zuz58dnJTYCcYiXL6vjT5n6Htn8RMOBQBSVs1bF8gezWe1UB9QFHo4gt9LMYTfNfINymTQXRjeAFdJ6cdNQ=",
"tags": [
"dv",
"trusted"
]
}
},
"url": "https://175.111.88.29:5060/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2026-02-09T17:04:40.193Z"
},
{
"port": 8080,
"protocol": "tcp",
"name": "http",
"version": "",
"product": "",
"extra_info": "",
"tunnel": "ssl",
"modules": {
"http": {
"body": "<html><head><title>OoklaServer</title></head><body><h1>OoklaServer</h1><p>It worked!<br /></p></body></html>\n",
"body_murmur": 1393880461,
"body_sha256": "80ede6d3596fe35bda38d7ac416063da77e519cdb00b03b713f60b66a97fa186",
"content_length": 109,
"headers": {
"cache_control": [
"no-store"
],
"connection": [
"Keep-Alive"
],
"content_length": [
"109"
],
"content_security_policy": [
"default-src 'none'; frame-ancestors 'none'; script-src 'none'; object-src 'none'; connect-src *; upgrade-insecure-requests"
],
"content_type": [
"text/html"
],
"date": [
"Sun, 08 Feb 2026 05:15:13 GMT"
],
"strict_transport_security": [
"max-age=6148374; includeSubDomains"
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"DENY"
]
},
"protocol": "HTTP/1.1",
"request": {
"headers": {
"accept": [
"*/*"
],
"user_agent": [
"Mozilla/5.0 (compatible; Odin; https://docs.getodin.com/)"
]
},
"method": "GET",
"url": {
"host": "175.111.88.29:8080",
"path": "",
"scheme": "http"
}
},
"status_code": 200,
"title": "OoklaServer"
},
"tls": {
"certificate": {
"extensions": {
"authority_info_access": {
"issuer_urls": [
"http://r12.i.lencr.org/"
]
},
"authority_key_id": "00b529f22d8e6f31e89b4cad783efadce90cd1d2",
"basic_constraints": {
"is_ca": true
},
"certificate_policies": [
{
"id": "2.23.140.1.2.1"
}
],
"crl_distribution_points": [
"http://r12.c.lencr.org/28.crl"
],
"ct_precert_scts": "Signed Certificate Timestamp:\n Version : v1 (0x0)\n Log ID : 0E:57:94:BC:F3:AE:A9:3E:33:1B:2C:99:07:B3:F7:90:\n DF:9B:C2:3D:71:32:25:DD:21:A9:25:AC:61:C5:4E:21\n Timestamp : Jan 20 10:06:39.096 2026 GMT\n Extensions: none\n Signature : ecdsa-with-SHA256\n 30:44:02:20:0E:60:54:C7:BE:6C:D4:00:3B:C5:18:A3:\n 56:FE:2E:65:49:AF:94:F9:29:0F:39:F7:4E:62:D0:D7:\n 2D:05:A6:27:02:20:38:D7:5F:A5:99:FE:36:7F:C6:34:\n 68:1E:67:81:0A:C0:16:7D:AA:2D:FE:16:BF:EE:F5:9C:\n 76:0E:EE:93:21:49\nSigned Certificate Timestamp:\n Version : v1 (0x0)\n Log ID : E3:23:8D:F2:8D:A2:88:E0:AA:E0:AC:F0:FA:90:C9:85:\n F0:B6:BF:F5:D2:A5:27:B0:01:FC:1C:44:58:C4:B6:E8\n Timestamp : Jan 20 10:06:39.524 2026 GMT\n Extensions: 00:00:05:00:2F:F3:C4:CA\n Signature : ecdsa-with-SHA256\n 30:45:02:20:02:47:09:5B:23:0A:CB:FF:78:02:59:F1:\n 81:78:70:44:3D:A9:4A:2A:F7:AF:42:11:F8:F2:54:86:\n 32:CB:0E:B2:02:21:00:D1:67:CA:99:02:A9:2C:C4:94:\n 61:71:D1:11:5D:E7:91:BE:75:7C:50:0D:92:76:0D:84:\n AB:B4:0D:C3:40:15:05",
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": false,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": true
},
"subject_alt_name": {
"dns_names": [
"server-8922.prod.hosts.ooklaserver.net",
"speedtest.ugm.ac.id.prod.hosts.ooklaserver.net"
]
},
"subject_key_id": "62895ad09aac4ced29111989620faf5143ae2062"
},
"fingerprint_md5": "697DE10D70617550DC2A6882C8304C12",
"fingerprint_sha1": "C8EB9FEB27550D47B7834A73F25ED1497385468B",
"fingerprint_sha256": "5DDEEAF3DA39AD380338BBA91CE07C42C6475CFEDDBC10356C02B713E5451D7F",
"issuer": {
"common_name": [
"R12"
],
"country": [
"US"
],
"organization": [
"Let's Encrypt"
]
},
"issuer_dn": "/C=US/O=Let's Encrypt/CN=R12",
"jarm": "21d08d00021d21d00042d43d000000107066a9db8d16b0a001ff4969166ce7",
"redacted": false,
"revocation": {
"crl": {
"next_update": "2026-02-17T05:27:07",
"reason": "UNKNOWN",
"revoked": false
},
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "455750292304163618913864951758501516566299",
"signature": {
"algorithm": {
"name": "SHA256-RSA",
"oid": "1.2.840.113549.1.1.11"
},
"self_signed": false,
"value": "MDY5YzY4MDA2YTI0MTJjOWU5ZjkxNjA4NGM3N2ZlODQzNmJiZmEyOTA1OTEwNWMwMjQyNGU5NjI5ZWMxZWY0NDU4MTZkZGE0NDAyN2FhNGMxNzQ3OTNlOWY1NzY1YWE3ZGY2MGUxZTU5ZWM2Y2MwM2UyMmE2MTk4YjQ2YTM3Njk5NzBkYTcxMzM3ZmQ3NzkyYjdlYWVjYjljNDc5ZjI0OWRkNDg0YjMxZTg0YmVjY2NiNzlmMTNlZDM2NjdiZmNmNGEzODQyM2U4OWUzYTQ0ZTUxOTE3Nzc2NzQyMzc0ZDE1MDAwYTg3OGEzM2U0Y2RiMmMxZTBjZGVjMWQzZDMwMDYyNjY4ODk3OTlmZDY5OGEzNTBkNGNmZTFhZjhlNTQyODhkNjU3OGZjMzAyY2UzZWVlNmY0NTIxNzg4NTM2ZjMyNzVhMDI1NjVmMjg1YjJmOWQ3NzljNWZhMjMyNTE5ZGUxMWJkMDRmZTM1ZTY0YTdiN2NkMTkxMGNjNDdjMjc5ZGM3Y2NlZWNmOWYxZDljOTRkODA5YzYyMjVjYmVhZjhkM2U2N2U4N2I2N2YxMTMwZTA1MDA1MjU2Y2Q1YjE3YzgxZWNkNjdiNTUwMWY1MDE0N2EzODgyZGY0YjMxODRkZjM1ZjIwZGNhNjRkMDVkMThkZTAwNTc0OWU5Yzc0ZDQ="
},
"signed_certificate_timestamps": [
{
"entry_type": "PRE_CERTIFICATE",
"log_id": "0e5794bcf3aea93e331b2c9907b3f790df9bc23d713225dd21a925ac61c54e21",
"signature": {
"algorithm": "ECDSA",
"hash_algorithm": "SHA256",
"value": "304402200e6054c7be6cd4003bc518a356fe2e6549af94f9290f39f74e62d0d72d05a627022038d75fa599fe367fc634681e67810ac0167daa2dfe16bfeef59c760eee932149"
},
"timestamp": "2026-01-20T10:06:39.096000",
"version": "v1"
},
{
"entry_type": "PRE_CERTIFICATE",
"log_id": "e3238df28da288e0aae0acf0fa90c985f0b6bff5d2a527b001fc1c4458c4b6e8",
"signature": {
"algorithm": "ECDSA",
"hash_algorithm": "SHA256",
"value": "304502200247095b230acbff780259f1817870443da94a2af7af4211f8f2548632cb0eb2022100d167ca9902a92cc4946171d1115de791be757c500d92760d84abb40dc3401505"
},
"timestamp": "2026-01-20T10:06:39.524000",
"version": "v1"
}
],
"signed_certificate_timestamps_oid": "1.3.6.1.4.1.11129.2.4.2",
"subject": {
"common_name": [
"server-8922.prod.hosts.ooklaserver.net"
]
},
"subject_alt_name": {
"dns_names": [
"server-8922.prod.hosts.ooklaserver.net",
"speedtest.ugm.ac.id.prod.hosts.ooklaserver.net"
],
"extended_dns_names": [
{
"domain": "ooklaserver",
"fld": "ooklaserver.net",
"subdomain": "server-8922.prod.hosts",
"tld": "net"
},
{
"domain": "ooklaserver",
"fld": "ooklaserver.net",
"subdomain": "speedtest.ugm.ac.id.prod.hosts",
"tld": "net"
}
]
},
"subject_dn": "/CN=server-8922.prod.hosts.ooklaserver.net",
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "3e4f1fee3de7b6b3fcc4fbbeccd5c51efc4dbc3ac14a7d659d0ed84e662ffb78",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 2048,
"modulus": "MHhhYWZkYjQ4NDkxMTFlNmU4OWM0OTlmYWIwMmEwMDUwZmZjNTAzYzA5ZDE2MjcyZjcwMzI3NjNjMmI1YTc1YTQ1ZmI5NDAyYjg2NDY2ODY5ODU0MzEzY2UzOThkODk2MjRmODg5YzNkNTIxOWQyZGVkOTFkNmQ5MGM1YjQ3NTc5MmZlODIyYmY3OGNmODdjZmIwNzllMTY4NTJjMGFkYzhlN2FiNDA0OWExZWQ2MzU1MTMwODhmMWY4Y2JlYmViMTA5NTI2MjY1NGE4MDNkMGRmNTI4NmQ0ZTA1YzFiNWQyZDU0YzExZjkwMWE4MjcwMTgzMzhiNzU3MmE2NWQzMTlhNDFhZDE0ZDk3ZTRlODIwMzVlMDZiMDkwNTE4NjkzMWMzM2M0YWM1NzdmMWY4OTY0MGY0ZTZhNmQ0OGZjN2I2MjlmNjZmMTkzODEwMTA3YWQwYTgwNDFhNzY5YzJlNjczMjg5YWI3OTEyMzI5ZTAxNGQwNWYzNjRiMzQ2MmIzMDEwNTVmMzg2Mjg5MTZlZGZjYmY2Y2M1MThjY2RmZGZmNDE1YWY4OGI3NTJlNjlmNGYyY2M1YTgyZjFmNTUwYTBhNWFiZmUzMGQxZWIzOTkzZTQzMDNmZDM4ZjExY2IxOTE5N2RlOTU5MDVmMjQ0YzNmY2ZhNjA3OTY2YWQ2MjE1Mw=="
}
},
"tbs_fingerprint": "1aba49f3054626ef3f3ef45b8c47a8f00d8d766be08ebf3d8e4221ada05d9e78",
"tbs_noct_fingerprint": "1512bff5a051fcbab1e25beb3d72694ed4ff985674466bb7396bce9137438453",
"validation_level": "DV",
"validity": {
"length_seconds": 7775999,
"not_after": "2026-04-20T09:08:08",
"not_before": "2026-01-20T09:08:09"
},
"version": 2
},
"fingerprint_sha256": "5DDEEAF3DA39AD380338BBA91CE07C42C6475CFEDDBC10356C02B713E5451D7F",
"precert": false,
"raw": "MIIFXzCCBEegAwIBAgISBTtUaYLc2hTqjtbuKLbO+l8bMA0GCSqGSIb3DQEBCwUAMDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQDEwNSMTIwHhcNMjYwMTIwMDkwODA5WhcNMjYwNDIwMDkwODA4WjAxMS8wLQYDVQQDEyZzZXJ2ZXItODkyMi5wcm9kLmhvc3RzLm9va2xhc2VydmVyLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKr9tISREebonEmfqwKgBQ/8UDwJ0WJy9wMnY8K1p1pF+5QCuGRmhphUMTzjmNiWJPiJw9UhnS3tkdbZDFtHV5L+giv3jPh8+weeFoUsCtyOerQEmh7WNVEwiPH4y+vrEJUmJlSoA9DfUobU4FwbXS1UwR+QGoJwGDOLdXKmXTGaQa0U2X5OggNeBrCQUYaTHDPErFd/H4lkD05qbUj8e2KfZvGTgQEHrQqAQadpwuZzKJq3kSMp4BTQXzZLNGKzAQVfOGKJFu38v2zFGMzf3/QVr4i3UuafTyzFqC8fVQoKWr/jDR6zmT5DA/048RyxkZfelZBfJEw/z6YHlmrWIVMCAwEAAaOCAm0wggJpMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUYola0JqsTO0pERmJYg+vUUOuIGIwHwYDVR0jBBgwFoAUALUp8i2ObzHom0yteD763OkM0dIwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzAChhdodHRwOi8vcjEyLmkubGVuY3Iub3JnLzBhBgNVHREEWjBYgiZzZXJ2ZXItODkyMi5wcm9kLmhvc3RzLm9va2xhc2VydmVyLm5ldIIuc3BlZWR0ZXN0LnVnbS5hYy5pZC5wcm9kLmhvc3RzLm9va2xhc2VydmVyLm5ldDATBgNVHSAEDDAKMAgGBmeBDAECATAuBgNVHR8EJzAlMCOgIaAfhh1odHRwOi8vcjEyLmMubGVuY3Iub3JnLzI4LmNybDCCAQsGCisGAQQB1nkCBAIEgfwEgfkA9wB1AA5XlLzzrqk+MxssmQez95Dfm8I9cTIl3SGpJaxhxU4hAAABm9re4/gAAAQDAEYwRAIgDmBUx75s1AA7xRijVv4uZUmvlPkpDzn3TmLQ1y0FpicCIDjXX6WZ/jZ/xjRoHmeBCsAWfaot/ha/7vWcdg7ukyFJAH4A4yON8o2iiOCq4Kzw+pDJhfC2v/XSpSewAfwcRFjEtugAAAGb2t7lpAAIAAAFAC/zxMoEAwBHMEUCIAJHCVsjCsv/eAJZ8YF4cEQ9qUoq969CEfjyVIYyyw6yAiEA0WfKmQKpLMSUYXHREV3nkb51fFANknYNhKu0DcNAFQUwDQYJKoZIhvcNAQELBQADggEBAAacaABqJBLJ6fkWCEx3/oQ2u/opBZEFwCQk6WKewe9EWBbdpEAnqkwXR5Pp9XZap99g4eWexswD4iphmLRqN2mXDacTN/13krfq7LnEefJJ3UhLMehL7My3nxPtNme/z0o4Qj6J46ROUZF3dnQjdNFQAKh4oz5M2yweDN7B09MAYmaIl5n9aYo1DUz+GvjlQojWV4/DAs4+7m9FIXiFNvMnWgJWXyhbL513nF+iMlGd4RvQT+NeZKe3zRkQzEfCedx8zuz58dnJTYCcYiXL6vjT5n6Htn8RMOBQBSVs1bF8gezWe1UB9QFHo4gt9LMYTfNfINymTQXRjeAFdJ6cdNQ=",
"tags": [
"dv",
"trusted"
]
}
},
"url": "https://175.111.88.29:8080/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2026-02-08T05:54:24.19Z"
}
],
"services_hash": "2213f7d230a0c1f216381341fa2d7a4f2b3a2c85d43c4644cabb2cdc08b3bd39",
"last_updated_at": "2026-02-09T17:04:40.193Z",
"banner": [
"http",
"tls"
],
"is_vuln": true,
"cveDetails": {
"CVE-2006-20001": {
"id": "CVE-2006-20001",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.gentoo.org/glsa/202309-01",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.gentoo.org/glsa/202309-01",
"https://security.netapp.com/advisory/ntap-20230316-0005/"
],
"score": 7.5,
"services": [
"80/http"
],
"severity": "high",
"summary": "A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash.\n\nThis issue affects Apache HTTP Server 2.4.54 and earlier.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-787"
},
"CVE-2013-5704": {
"id": "CVE-2013-5704",
"references": [
"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html",
"http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html",
"http://marc.info/?l=apache-httpd-dev&m=139636309822854&w=2",
"http://marc.info/?l=bugtraq&m=143403519711434&w=2",
"http://marc.info/?l=bugtraq&m=144493176821532&w=2",
"http://martin.swende.se/blog/HTTPChunked.html",
"http://rhn.redhat.com/errata/RHSA-2015-0325.html",
"http://rhn.redhat.com/errata/RHSA-2015-1249.html",
"http://rhn.redhat.com/errata/RHSA-2015-2661.html",
"http://rhn.redhat.com/errata/RHSA-2016-0061.html",
"http://rhn.redhat.com/errata/RHSA-2016-0062.html",
"http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1=1610674&r2=1610814&diff_format=h",
"http://www.mandriva.com/security/advisories?name=MDVSA-2014:174",
"http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html",
"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
"http://www.securityfocus.com/bid/66550",
"http://www.ubuntu.com/usn/USN-2523-1",
"https://access.redhat.com/errata/RHSA-2015:2659",
"https://access.redhat.com/errata/RHSA-2015:2660",
"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://security.gentoo.org/glsa/201504-03",
"https://support.apple.com/HT204659",
"https://support.apple.com/HT205219",
"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html",
"http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html",
"http://marc.info/?l=apache-httpd-dev&m=139636309822854&w=2",
"http://marc.info/?l=bugtraq&m=143403519711434&w=2",
"http://marc.info/?l=bugtraq&m=144493176821532&w=2",
"http://martin.swende.se/blog/HTTPChunked.html",
"http://rhn.redhat.com/errata/RHSA-2015-0325.html",
"http://rhn.redhat.com/errata/RHSA-2015-1249.html",
"http://rhn.redhat.com/errata/RHSA-2015-2661.html",
"http://rhn.redhat.com/errata/RHSA-2016-0061.html",
"http://rhn.redhat.com/errata/RHSA-2016-0062.html",
"http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1=1610674&r2=1610814&diff_format=h",
"http://www.mandriva.com/security/advisories?name=MDVSA-2014:174",
"http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html",
"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
"http://www.securityfocus.com/bid/66550",
"http://www.ubuntu.com/usn/USN-2523-1",
"https://access.redhat.com/errata/RHSA-2015:2659",
"https://access.redhat.com/errata/RHSA-2015:2660",
"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://security.gentoo.org/glsa/201504-03",
"https://support.apple.com/HT204659",
"https://support.apple.com/HT205219"
],
"score": 5,
"services": [
"80/http"
],
"severity": "medium",
"summary": "The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass \"RequestHeader unset\" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states \"this is not a security issue in httpd as such.\"",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2013-6438": {
"id": "CVE-2013-6438",
"references": [
"http://advisories.mageia.org/MGASA-2014-0135.html",
"http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html",
"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698",
"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html",
"http://marc.info/?l=bugtraq&m=141017844705317&w=2",
"http://marc.info/?l=bugtraq&m=141390017113542&w=2",
"http://seclists.org/fulldisclosure/2014/Dec/23",
"http://secunia.com/advisories/58230",
"http://secunia.com/advisories/59315",
"http://secunia.com/advisories/59345",
"http://secunia.com/advisories/60536",
"http://security.gentoo.org/glsa/glsa-201408-12.xml",
"http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/util.c",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/util.c?r1=1528718&r2=1556428&diff_format=h",
"http://www-01.ibm.com/support/docview.wss?uid=swg21669554",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676091",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676092",
"http://www.apache.org/dist/httpd/CHANGES_2.4.9",
"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"http://www.securityfocus.com/archive/1/534161/100/0/threaded",
"http://www.securityfocus.com/bid/66303",
"http://www.ubuntu.com/usn/USN-2152-1",
"http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"https://blogs.oracle.com/sunsecurity/entry/multiple_input_validation_vulnerabilities_in1",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://puppet.com/security/cve/cve-2013-6438",
"https://support.apple.com/HT204659",
"https://support.apple.com/kb/HT6535"
],
"score": 5,
"services": [
"80/http"
],
"severity": "medium",
"summary": "The dav_xml_get_cdata function in main/util.c in the mod_dav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service (daemon crash) via a crafted DAV WRITE request.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2014-0098": {
"id": "CVE-2014-0098",
"references": [
"http://advisories.mageia.org/MGASA-2014-0135.html",
"http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html",
"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698",
"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html",
"http://marc.info/?l=bugtraq&m=141017844705317&w=2",
"http://marc.info/?l=bugtraq&m=141390017113542&w=2",
"http://seclists.org/fulldisclosure/2014/Dec/23",
"http://secunia.com/advisories/58230",
"http://secunia.com/advisories/58915",
"http://secunia.com/advisories/59219",
"http://secunia.com/advisories/59315",
"http://secunia.com/advisories/59345",
"http://secunia.com/advisories/60536",
"http://security.gentoo.org/glsa/glsa-201408-12.xml",
"http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15320.html",
"http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/loggers/mod_log_config.c",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/loggers/mod_log_config.c?r1=1575394&r2=1575400&diff_format=h",
"http://www-01.ibm.com/support/docview.wss?uid=swg21668973",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676091",
"http://www-01.ibm.com/support/docview.wss?uid=swg21676092",
"http://www.apache.org/dist/httpd/CHANGES_2.4.9",
"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"http://www.securityfocus.com/archive/1/534161/100/0/threaded",
"http://www.securityfocus.com/bid/66303",
"http://www.ubuntu.com/usn/USN-2152-1",
"http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"https://blogs.oracle.com/sunsecurity/entry/multiple_input_validation_vulnerabilities_in1",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://puppet.com/security/cve/cve-2014-0098",
"https://support.apple.com/HT204659",
"https://support.apple.com/kb/HT6535"
],
"score": 5,
"services": [
"80/http"
],
"severity": "medium",
"summary": "The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2014-0117": {
"id": "CVE-2014-0117",
"references": [
"http://advisories.mageia.org/MGASA-2014-0305.html",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html",
"http://seclists.org/fulldisclosure/2014/Jul/117",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1=1599486&r2=1610674&diff_format=h",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/proxy_util.c",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/proxy_util.c?r1=1609680&r2=1610674&diff_format=h",
"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"http://zerodayinitiative.com/advisories/ZDI-14-239/",
"https://bugzilla.redhat.com/show_bug.cgi?id=1120599",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://support.apple.com/HT204659",
"http://advisories.mageia.org/MGASA-2014-0305.html",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html",
"http://seclists.org/fulldisclosure/2014/Jul/117",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1=1599486&r2=1610674&diff_format=h",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/proxy_util.c",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/proxy_util.c?r1=1609680&r2=1610674&diff_format=h",
"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"http://zerodayinitiative.com/advisories/ZDI-14-239/",
"https://bugzilla.redhat.com/show_bug.cgi?id=1120599",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://support.apple.com/HT204659"
],
"score": 4.3,
"services": [
"80/http"
],
"severity": "medium",
"summary": "The mod_proxy module in the Apache HTTP Server 2.4.x before 2.4.10, when a reverse proxy is enabled, allows remote attackers to cause a denial of service (child-process crash) via a crafted HTTP Connection header.",
"vector_string": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"weakness": "CWE-20"
},
"CVE-2014-0118": {
"id": "CVE-2014-0118",
"references": [
"http://advisories.mageia.org/MGASA-2014-0304.html",
"http://advisories.mageia.org/MGASA-2014-0305.html",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html",
"http://marc.info/?l=bugtraq&m=143403519711434&w=2",
"http://marc.info/?l=bugtraq&m=143748090628601&w=2",
"http://marc.info/?l=bugtraq&m=144050155601375&w=2",
"http://marc.info/?l=bugtraq&m=144493176821532&w=2",
"http://rhn.redhat.com/errata/RHSA-2014-1019.html",
"http://rhn.redhat.com/errata/RHSA-2014-1020.html",
"http://rhn.redhat.com/errata/RHSA-2014-1021.html",
"http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c?r1=1604353&r2=1610501&diff_format=h",
"http://www.debian.org/security/2014/dsa-2989",
"http://www.mandriva.com/security/advisories?name=MDVSA-2014:142",
"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"http://www.securityfocus.com/bid/68745",
"https://bugzilla.redhat.com/show_bug.cgi?id=1120601",
"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://puppet.com/security/cve/cve-2014-0118",
"https://security.gentoo.org/glsa/201504-03",
"https://support.apple.com/HT204659"
],
"score": 4.3,
"services": [
"80/http"
],
"severity": "medium",
"summary": "The deflate_in_filter function in mod_deflate.c in the mod_deflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service (resource consumption) via crafted request data that decompresses to a much larger size.",
"vector_string": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"weakness": "CWE-400"
},
"CVE-2014-0226": {
"id": "CVE-2014-0226",
"references": [
"http://advisories.mageia.org/MGASA-2014-0304.html",
"http://advisories.mageia.org/MGASA-2014-0305.html",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html",
"http://marc.info/?l=bugtraq&m=143403519711434&w=2",
"http://marc.info/?l=bugtraq&m=143748090628601&w=2",
"http://marc.info/?l=bugtraq&m=144050155601375&w=2",
"http://marc.info/?l=bugtraq&m=144493176821532&w=2",
"http://rhn.redhat.com/errata/RHSA-2014-1019.html",
"http://rhn.redhat.com/errata/RHSA-2014-1020.html",
"http://rhn.redhat.com/errata/RHSA-2014-1021.html",
"http://seclists.org/fulldisclosure/2014/Jul/114",
"http://secunia.com/advisories/60536",
"http://security.gentoo.org/glsa/glsa-201408-12.xml",
"http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c?r1=1450998&r2=1610491&diff_format=h",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c?r1=1588989&r2=1610491&diff_format=h",
"http://www.debian.org/security/2014/dsa-2989",
"http://www.exploit-db.com/exploits/34133",
"http://www.mandriva.com/security/advisories?name=MDVSA-2014:142",
"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"http://www.osvdb.org/109216",
"http://www.securityfocus.com/bid/68678",
"http://zerodayinitiative.com/advisories/ZDI-14-236/",
"https://bugzilla.redhat.com/show_bug.cgi?id=1120603",
"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://puppet.com/security/cve/cve-2014-0226",
"https://security.gentoo.org/glsa/201504-03",
"https://support.apple.com/HT204659",
"https://www.povonsec.com/apache-2-4-7-exploit/"
],
"score": 6.8,
"services": [
"80/http"
],
"severity": "medium",
"summary": "Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service (heap-based buffer overflow), or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers improper scoreboard handling within the status_handler function in modules/generators/mod_status.c and the lua_ap_scoreboard_worker function in modules/lua/lua_request.c.",
"vector_string": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"weakness": "CWE-362"
},
"CVE-2014-0231": {
"id": "CVE-2014-0231",
"references": [
"http://advisories.mageia.org/MGASA-2014-0304.html",
"http://advisories.mageia.org/MGASA-2014-0305.html",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html",
"http://marc.info/?l=bugtraq&m=143403519711434&w=2",
"http://marc.info/?l=bugtraq&m=143403519711434&w=2",
"http://marc.info/?l=bugtraq&m=143748090628601&w=2",
"http://marc.info/?l=bugtraq&m=144050155601375&w=2",
"http://marc.info/?l=bugtraq&m=144493176821532&w=2",
"http://marc.info/?l=bugtraq&m=144493176821532&w=2",
"http://packetstormsecurity.com/files/130769/RSA-Digital-Certificate-Solution-XSS-Denial-Of-Service.html",
"http://rhn.redhat.com/errata/RHSA-2014-1019.html",
"http://rhn.redhat.com/errata/RHSA-2014-1020.html",
"http://rhn.redhat.com/errata/RHSA-2014-1021.html",
"http://secunia.com/advisories/60536",
"http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c?r1=1482522&r2=1535125&diff_format=h",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c?r1=1565711&r2=1610509&diff_format=h",
"http://www.debian.org/security/2014/dsa-2989",
"http://www.mandriva.com/security/advisories?name=MDVSA-2014:142",
"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"http://www.securityfocus.com/bid/68742",
"https://bugzilla.redhat.com/show_bug.cgi?id=1120596",
"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://puppet.com/security/cve/cve-2014-0231",
"https://security.gentoo.org/glsa/201504-03",
"https://support.apple.com/HT204659",
"http://advisories.mageia.org/MGASA-2014-0304.html",
"http://advisories.mageia.org/MGASA-2014-0305.html",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html",
"http://marc.info/?l=bugtraq&m=143403519711434&w=2",
"http://marc.info/?l=bugtraq&m=143403519711434&w=2",
"http://marc.info/?l=bugtraq&m=143748090628601&w=2",
"http://marc.info/?l=bugtraq&m=144050155601375&w=2",
"http://marc.info/?l=bugtraq&m=144493176821532&w=2",
"http://marc.info/?l=bugtraq&m=144493176821532&w=2",
"http://packetstormsecurity.com/files/130769/RSA-Digital-Certificate-Solution-XSS-Denial-Of-Service.html",
"http://rhn.redhat.com/errata/RHSA-2014-1019.html",
"http://rhn.redhat.com/errata/RHSA-2014-1020.html",
"http://rhn.redhat.com/errata/RHSA-2014-1021.html",
"http://secunia.com/advisories/60536",
"http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c?r1=1482522&r2=1535125&diff_format=h",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c?r1=1565711&r2=1610509&diff_format=h",
"http://www.debian.org/security/2014/dsa-2989",
"http://www.mandriva.com/security/advisories?name=MDVSA-2014:142",
"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"http://www.securityfocus.com/bid/68742",
"https://bugzilla.redhat.com/show_bug.cgi?id=1120596",
"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://puppet.com/security/cve/cve-2014-0231",
"https://security.gentoo.org/glsa/201504-03",
"https://support.apple.com/HT204659"
],
"score": 5,
"services": [
"80/http"
],
"severity": "medium",
"summary": "The mod_cgid module in the Apache HTTP Server before 2.4.10 does not have a timeout mechanism, which allows remote attackers to cause a denial of service (process hang) via a request to a CGI script that does not read from its stdin file descriptor.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "CWE-399"
},
"CVE-2014-3523": {
"id": "CVE-2014-3523",
"references": [
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://marc.info/?l=bugtraq&m=143748090628601&w=2",
"http://marc.info/?l=bugtraq&m=144050155601375&w=2",
"http://rhn.redhat.com/errata/RHSA-2016-2957.html",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/server/mpm/winnt/child.c",
"http://svn.apache.org/viewvc/httpd/httpd/trunk/server/mpm/winnt/child.c?r1=1608785&r2=1610652&diff_format=h",
"http://www.securityfocus.com/bid/68747",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
],
"score": 5,
"services": [
"80/http"
],
"severity": "medium",
"summary": "Memory leak in the winnt_accept function in server/mpm/winnt/child.c in the WinNT MPM in the Apache HTTP Server 2.4.x before 2.4.10 on Windows, when the default AcceptFilter is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted requests.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "CWE-399"
},
"CVE-2014-3581": {
"id": "CVE-2014-3581",
"references": [
"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
"http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html",
"http://rhn.redhat.com/errata/RHSA-2015-0325.html",
"http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?view=markup&pathrev=1627749",
"http://svn.apache.org/viewvc?view=revision&revision=1624234",
"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
"http://www.securityfocus.com/bid/71656",
"http://www.securitytracker.com/id/1031005",
"http://www.ubuntu.com/usn/USN-2523-1",
"https://bugzilla.redhat.com/show_bug.cgi?id=1149709",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/97027",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://security.gentoo.org/glsa/201610-02",
"https://support.apple.com/HT205219",
"https://support.apple.com/kb/HT205031"
],
"score": 5,
"services": [
"80/http"
],
"severity": "medium",
"summary": "The cache_merge_headers_out function in modules/cache/cache_util.c in the mod_cache module in the Apache HTTP Server before 2.4.11 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty HTTP Content-Type header.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "CWE-476"
},
"CVE-2014-8109": {
"id": "CVE-2014-8109",
"references": [
"http://advisories.mageia.org/MGASA-2015-0011.html",
"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
"http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html",
"http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159352.html",
"http://www.openwall.com/lists/oss-security/2014/11/28/5",
"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"http://www.securityfocus.com/bid/73040",
"http://www.ubuntu.com/usn/USN-2523-1",
"https://bugzilla.redhat.com/show_bug.cgi?id=1174077",
"https://github.com/apache/httpd/commit/3f1693d558d0758f829c8b53993f1749ddf6ffcb",
"https://issues.apache.org/bugzilla/show_bug.cgi?id=57204",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://support.apple.com/HT205219",
"https://support.apple.com/kb/HT205031"
],
"score": 4.3,
"services": [
"80/http"
],
"severity": "medium",
"summary": "mod_lua.c in the mod_lua module in the Apache HTTP Server 2.3.x and 2.4.x through 2.4.10 does not support an httpd configuration in which the same Lua authorization provider is used with different arguments within different contexts, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging multiple Require directives, as demonstrated by a configuration that specifies authorization for one group to access a certain directory, and authorization for a second group to access a second directory.",
"vector_string": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"weakness": "CWE-863"
},
"CVE-2015-0228": {
"id": "CVE-2015-0228",
"references": [
"http://advisories.mageia.org/MGASA-2015-0099.html",
"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
"http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html",
"http://lists.opensuse.org/opensuse-updates/2015-03/msg00006.html",
"http://rhn.redhat.com/errata/RHSA-2015-1666.html",
"http://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x/CHANGES",
"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
"http://www.securityfocus.com/bid/73041",
"http://www.securityfocus.com/bid/91787",
"http://www.securitytracker.com/id/1032967",
"http://www.ubuntu.com/usn/USN-2523-1",
"https://github.com/apache/httpd/commit/643f0fcf3b8ab09a68f0ecd2aa37aafeda3e63ef",
"https://github.com/apache/httpd/commit/78eb3b9235515652ed141353d98c239237030410",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://support.apple.com/HT205219",
"https://support.apple.com/kb/HT205031",
"http://advisories.mageia.org/MGASA-2015-0099.html",
"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
"http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html",
"http://lists.opensuse.org/opensuse-updates/2015-03/msg00006.html",
"http://rhn.redhat.com/errata/RHSA-2015-1666.html",
"http://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x/CHANGES",
"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
"http://www.securityfocus.com/bid/73041",
"http://www.securityfocus.com/bid/91787",
"http://www.securitytracker.com/id/1032967",
"http://www.ubuntu.com/usn/USN-2523-1",
"https://github.com/apache/httpd/commit/643f0fcf3b8ab09a68f0ecd2aa37aafeda3e63ef",
"https://github.com/apache/httpd/commit/78eb3b9235515652ed141353d98c239237030410",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://support.apple.com/HT205219",
"https://support.apple.com/kb/HT205031"
],
"score": 5,
"services": [
"80/http"
],
"severity": "medium",
"summary": "The lua_websocket_read function in lua_request.c in the mod_lua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service (child-process crash) by sending a crafted WebSocket Ping frame after a Lua script has called the wsupgrade function.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "CWE-20"
},
"CVE-2015-3183": {
"id": "CVE-2015-3183",
"references": [
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735",
"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
"http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html",
"http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html",
"http://marc.info/?l=bugtraq&m=144493176821532&w=2",
"http://marc.info/?l=bugtraq&m=144493176821532&w=2",
"http://rhn.redhat.com/errata/RHSA-2015-1666.html",
"http://rhn.redhat.com/errata/RHSA-2015-1667.html",
"http://rhn.redhat.com/errata/RHSA-2015-1668.html",
"http://rhn.redhat.com/errata/RHSA-2015-2661.html",
"http://rhn.redhat.com/errata/RHSA-2016-0061.html",
"http://rhn.redhat.com/errata/RHSA-2016-0062.html",
"http://rhn.redhat.com/errata/RHSA-2016-2054.html",
"http://rhn.redhat.com/errata/RHSA-2016-2055.html",
"http://rhn.redhat.com/errata/RHSA-2016-2056.html",
"http://www.apache.org/dist/httpd/CHANGES_2.4",
"http://www.debian.org/security/2015/dsa-3325",
"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"http://www.securityfocus.com/bid/75963",
"http://www.securityfocus.com/bid/91787",
"http://www.securitytracker.com/id/1032967",
"http://www.ubuntu.com/usn/USN-2686-1",
"https://access.redhat.com/errata/RHSA-2015:2659",
"https://access.redhat.com/errata/RHSA-2015:2660",
"https://github.com/apache/httpd/commit/a6027e56924bb6227c1fdbf6f91e7e2438338be6",
"https://github.com/apache/httpd/commit/e427c41257957b57036d5a549b260b6185d1dd73",
"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246",
"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://puppet.com/security/cve/CVE-2015-3183",
"https://security.gentoo.org/glsa/201610-02",
"https://support.apple.com/HT205219",
"https://support.apple.com/kb/HT205031",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735",
"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
"http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html",
"http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html",
"http://marc.info/?l=bugtraq&m=144493176821532&w=2",
"http://marc.info/?l=bugtraq&m=144493176821532&w=2",
"http://rhn.redhat.com/errata/RHSA-2015-1666.html",
"http://rhn.redhat.com/errata/RHSA-2015-1667.html",
"http://rhn.redhat.com/errata/RHSA-2015-1668.html",
"http://rhn.redhat.com/errata/RHSA-2015-2661.html",
"http://rhn.redhat.com/errata/RHSA-2016-0061.html",
"http://rhn.redhat.com/errata/RHSA-2016-0062.html",
"http://rhn.redhat.com/errata/RHSA-2016-2054.html",
"http://rhn.redhat.com/errata/RHSA-2016-2055.html",
"http://rhn.redhat.com/errata/RHSA-2016-2056.html",
"http://www.apache.org/dist/httpd/CHANGES_2.4",
"http://www.debian.org/security/2015/dsa-3325",
"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"http://www.securityfocus.com/bid/75963",
"http://www.securityfocus.com/bid/91787",
"http://www.securitytracker.com/id/1032967",
"http://www.ubuntu.com/usn/USN-2686-1",
"https://access.redhat.com/errata/RHSA-2015:2659",
"https://access.redhat.com/errata/RHSA-2015:2660",
"https://github.com/apache/httpd/commit/a6027e56924bb6227c1fdbf6f91e7e2438338be6",
"https://github.com/apache/httpd/commit/e427c41257957b57036d5a549b260b6185d1dd73",
"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246",
"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://puppet.com/security/cve/CVE-2015-3183",
"https://security.gentoo.org/glsa/201610-02",
"https://support.apple.com/HT205219",
"https://support.apple.com/kb/HT205031"
],
"score": 5,
"services": [
"80/http"
],
"severity": "medium",
"summary": "The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"weakness": "CWE-17"
},
"CVE-2015-3185": {
"id": "CVE-2015-3185",
"references": [
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
"http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html",
"http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html",
"http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html",
"http://rhn.redhat.com/errata/RHSA-2015-1666.html",
"http://rhn.redhat.com/errata/RHSA-2015-1667.html",
"http://rhn.redhat.com/errata/RHSA-2016-2957.html",
"http://www.apache.org/dist/httpd/CHANGES_2.4",
"http://www.debian.org/security/2015/dsa-3325",
"http://www.securityfocus.com/bid/75965",
"http://www.securitytracker.com/id/1032967",
"http://www.ubuntu.com/usn/USN-2686-1",
"https://access.redhat.com/errata/RHSA-2017:2708",
"https://access.redhat.com/errata/RHSA-2017:2709",
"https://access.redhat.com/errata/RHSA-2017:2710",
"https://github.com/apache/httpd/commit/cd2b7a26c776b0754fb98426a67804fd48118708",
"https://github.com/apache/httpd/commit/db81019ab88734ed35fa70294a0cfa7a19743f73",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://support.apple.com/HT205217",
"https://support.apple.com/HT205219",
"https://support.apple.com/kb/HT205031",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
"http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html",
"http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html",
"http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html",
"http://rhn.redhat.com/errata/RHSA-2015-1666.html",
"http://rhn.redhat.com/errata/RHSA-2015-1667.html",
"http://rhn.redhat.com/errata/RHSA-2016-2957.html",
"http://www.apache.org/dist/httpd/CHANGES_2.4",
"http://www.debian.org/security/2015/dsa-3325",
"http://www.securityfocus.com/bid/75965",
"http://www.securitytracker.com/id/1032967",
"http://www.ubuntu.com/usn/USN-2686-1",
"https://access.redhat.com/errata/RHSA-2017:2708",
"https://access.redhat.com/errata/RHSA-2017:2709",
"https://access.redhat.com/errata/RHSA-2017:2710",
"https://github.com/apache/httpd/commit/cd2b7a26c776b0754fb98426a67804fd48118708",
"https://github.com/apache/httpd/commit/db81019ab88734ed35fa70294a0cfa7a19743f73",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://support.apple.com/HT205217",
"https://support.apple.com/HT205219",
"https://support.apple.com/kb/HT205031"
],
"score": 4.3,
"services": [
"80/http"
],
"severity": "medium",
"summary": "The ap_some_auth_required function in server/request.c in the Apache HTTP Server 2.4.x before 2.4.14 does not consider that a Require directive may be associated with an authorization setting rather than an authentication setting, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging the presence of a module that relies on the 2.2 API behavior.",
"vector_string": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"weakness": "CWE-264"
},
"CVE-2016-0736": {
"id": "CVE-2016-0736",
"references": [
"http://rhn.redhat.com/errata/RHSA-2017-1415.html",
"http://www.debian.org/security/2017/dsa-3796",
"http://www.securityfocus.com/bid/95078",
"http://www.securitytracker.com/id/1037508",
"https://access.redhat.com/errata/RHSA-2017:0906",
"https://access.redhat.com/errata/RHSA-2017:1161",
"https://access.redhat.com/errata/RHSA-2017:1413",
"https://access.redhat.com/errata/RHSA-2017:1414",
"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03725en_us",
"https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2016-0736",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://security.gentoo.org/glsa/201701-36",
"https://security.netapp.com/advisory/ntap-20180423-0001/",
"https://support.apple.com/HT208221",
"https://www.exploit-db.com/exploits/40961/",
"https://www.tenable.com/security/tns-2017-04",
"http://rhn.redhat.com/errata/RHSA-2017-1415.html",
"http://www.debian.org/security/2017/dsa-3796",
"http://www.securityfocus.com/bid/95078",
"http://www.securitytracker.com/id/1037508",
"https://access.redhat.com/errata/RHSA-2017:0906",
"https://access.redhat.com/errata/RHSA-2017:1161",
"https://access.redhat.com/errata/RHSA-2017:1413",
"https://access.redhat.com/errata/RHSA-2017:1414",
"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03725en_us",
"https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2016-0736",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://security.gentoo.org/glsa/201701-36",
"https://security.netapp.com/advisory/ntap-20180423-0001/",
"https://support.apple.com/HT208221",
"https://www.exploit-db.com/exploits/40961/",
"https://www.tenable.com/security/tns-2017-04"
],
"score": 7.5,
"services": [
"80/http"
],
"severity": "high",
"summary": "In Apache HTTP Server versions 2.4.0 to 2.4.23, mod_session_crypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation (AES256-CBC by default), hence no selectable or builtin authenticated encryption. This made it vulnerable to padding oracle attacks, particularly with CBC.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"weakness": "CWE-310"
},
"CVE-2016-2161": {
"id": "CVE-2016-2161",
"references": [
"http://rhn.redhat.com/errata/RHSA-2017-1415.html",
"http://www.debian.org/security/2017/dsa-3796",
"http://www.securityfocus.com/bid/95076",
"http://www.securitytracker.com/id/1037508",
"https://access.redhat.com/errata/RHSA-2017:0906",
"https://access.redhat.com/errata/RHSA-2017:1161",
"https://access.redhat.com/errata/RHSA-2017:1413",
"https://access.redhat.com/errata/RHSA-2017:1414",
"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03725en_us",
"https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2016-2161",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://security.gentoo.org/glsa/201701-36",
"https://security.netapp.com/advisory/ntap-20180423-0001/",
"https://support.apple.com/HT208221",
"https://www.tenable.com/security/tns-2017-04",
"http://rhn.redhat.com/errata/RHSA-2017-1415.html",
"http://www.debian.org/security/2017/dsa-3796",
"http://www.securityfocus.com/bid/95076",
"http://www.securitytracker.com/id/1037508",
"https://access.redhat.com/errata/RHSA-2017:0906",
"https://access.redhat.com/errata/RHSA-2017:1161",
"https://access.redhat.com/errata/RHSA-2017:1413",
"https://access.redhat.com/errata/RHSA-2017:1414",
"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03725en_us",
"https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2016-2161",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://security.gentoo.org/glsa/201701-36",
"https://security.netapp.com/advisory/ntap-20180423-0001/",
"https://support.apple.com/HT208221",
"https://www.tenable.com/security/tns-2017-04"
],
"score": 7.5,
"services": [
"80/http"
],
"severity": "high",
"summary": "In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause the server to crash, and each instance continues to crash even for subsequently valid requests.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-823"
},
"CVE-2016-4975": {
"id": "CVE-2016-4975",
"references": [
"http://www.securityfocus.com/bid/105093",
"https://httpd.apache.org/security/vulnerabilities_22.html#CVE-2016-4975",
"https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2016-4975",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://security.netapp.com/advisory/ntap-20180926-0006/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03908en_us"
],
"score": 6.1,
"services": [
"80/http"
],
"severity": "medium",
"summary": "Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir. This issue was mitigated by changes made in 2.4.25 and 2.2.32 which prohibit CR or LF injection into the \"Location\" or other outbound header key or value. Fixed in Apache HTTP Server 2.4.25 (Affected 2.4.1-2.4.23). Fixed in Apache HTTP Server 2.2.32 (Affected 2.2.0-2.2.31).",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"weakness": "CWE-93"
},
"CVE-2016-5387": {
"id": "CVE-2016-5387",
"references": [
"http://lists.opensuse.org/opensuse-updates/2016-07/msg00059.html",
"http://rhn.redhat.com/errata/RHSA-2016-1624.html",
"http://rhn.redhat.com/errata/RHSA-2016-1625.html",
"http://rhn.redhat.com/errata/RHSA-2016-1648.html",
"http://rhn.redhat.com/errata/RHSA-2016-1649.html",
"http://rhn.redhat.com/errata/RHSA-2016-1650.html",
"http://www.debian.org/security/2016/dsa-3623",
"http://www.kb.cert.org/vuls/id/797896",
"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html",
"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
"http://www.securityfocus.com/bid/91816",
"http://www.securitytracker.com/id/1036330",
"http://www.ubuntu.com/usn/USN-3038-1",
"https://access.redhat.com/errata/RHSA-2016:1420",
"https://access.redhat.com/errata/RHSA-2016:1421",
"https://access.redhat.com/errata/RHSA-2016:1422",
"https://access.redhat.com/errata/RHSA-2016:1635",
"https://access.redhat.com/errata/RHSA-2016:1636",
"https://access.redhat.com/errata/RHSA-2016:1851",
"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us",
"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149",
"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722",
"https://httpoxy.org/",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WCTE7443AYZ4EGELWLVNANA2WJCJIYI/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEKZAB7MTWVSMORHTEMCQNFFMIHCYF76/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPQAPWQA774JPDRV4UIB2SZAX6D3UZCV/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGNHXJJSWDXAOEYH5TMXDPQVJMQQJOAZ/",
"https://security.gentoo.org/glsa/201701-36",
"https://support.apple.com/HT208221",
"https://www.apache.org/security/asf-httpoxy-response.txt",
"https://www.tenable.com/security/tns-2017-04",
"http://lists.opensuse.org/opensuse-updates/2016-07/msg00059.html",
"http://rhn.redhat.com/errata/RHSA-2016-1624.html",
"http://rhn.redhat.com/errata/RHSA-2016-1625.html",
"http://rhn.redhat.com/errata/RHSA-2016-1648.html",
"http://rhn.redhat.com/errata/RHSA-2016-1649.html",
"http://rhn.redhat.com/errata/RHSA-2016-1650.html",
"http://www.debian.org/security/2016/dsa-3623",
"http://www.kb.cert.org/vuls/id/797896",
"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html",
"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
"http://www.securityfocus.com/bid/91816",
"http://www.securitytracker.com/id/1036330",
"http://www.ubuntu.com/usn/USN-3038-1",
"https://access.redhat.com/errata/RHSA-2016:1420",
"https://access.redhat.com/errata/RHSA-2016:1421",
"https://access.redhat.com/errata/RHSA-2016:1422",
"https://access.redhat.com/errata/RHSA-2016:1635",
"https://access.redhat.com/errata/RHSA-2016:1636",
"https://access.redhat.com/errata/RHSA-2016:1851",
"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us",
"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149",
"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722",
"https://httpoxy.org/",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WCTE7443AYZ4EGELWLVNANA2WJCJIYI/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEKZAB7MTWVSMORHTEMCQNFFMIHCYF76/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPQAPWQA774JPDRV4UIB2SZAX6D3UZCV/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGNHXJJSWDXAOEYH5TMXDPQVJMQQJOAZ/",
"https://security.gentoo.org/glsa/201701-36",
"https://support.apple.com/HT208221",
"https://www.apache.org/security/asf-httpoxy-response.txt",
"https://www.tenable.com/security/tns-2017-04"
],
"score": 8.1,
"services": [
"80/http"
],
"severity": "high",
"summary": "The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an \"httpoxy\" issue. NOTE: the vendor states \"This mitigation has been assigned the identifier CVE-2016-5387\"; in other words, this is not a CVE ID for a vulnerability.",
"vector_string": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2016-8612": {
"id": "CVE-2016-8612",
"references": [
"http://rhn.redhat.com/errata/RHSA-2016-2957.html",
"http://www.securityfocus.com/bid/94939",
"https://access.redhat.com/errata/RHSA-2017:0193",
"https://access.redhat.com/errata/RHSA-2017:0194",
"https://bugzilla.redhat.com/show_bug.cgi?id=1387605",
"https://security.netapp.com/advisory/ntap-20180601-0005/",
"http://rhn.redhat.com/errata/RHSA-2016-2957.html",
"http://www.securityfocus.com/bid/94939",
"https://access.redhat.com/errata/RHSA-2017:0193",
"https://access.redhat.com/errata/RHSA-2017:0194",
"https://bugzilla.redhat.com/show_bug.cgi?id=1387605",
"https://security.netapp.com/advisory/ntap-20180601-0005/"
],
"score": 4.3,
"services": [
"80/http"
],
"severity": "medium",
"summary": "Apache HTTP Server mod_cluster before version httpd 2.4.23 is vulnerable to an Improper Input Validation in the protocol parsing logic in the load balancer resulting in a Segmentation Fault in the serving httpd process.",
"vector_string": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"weakness": "CWE-20"
},
"CVE-2016-8743": {
"id": "CVE-2016-8743",
"references": [
"http://rhn.redhat.com/errata/RHSA-2017-1415.html",
"http://www.debian.org/security/2017/dsa-3796",
"http://www.securityfocus.com/bid/95077",
"http://www.securitytracker.com/id/1037508",
"https://access.redhat.com/errata/RHSA-2017:0906",
"https://access.redhat.com/errata/RHSA-2017:1161",
"https://access.redhat.com/errata/RHSA-2017:1413",
"https://access.redhat.com/errata/RHSA-2017:1414",
"https://access.redhat.com/errata/RHSA-2017:1721",
"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbmu03753en_us",
"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03725en_us",
"https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2016-8743",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r09b8a39d1262adbab5528eea73df1b1f93e919bf004ed5a843d9cad1%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r4fe84db67fe9dc906c6185e58bbd9913f4356dd555a5c3db490694e5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r94284b139540e5287ebdd3450682d3e3d187263dd6b75af8fa7d4890%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcb6c7b9e7ca727a7eeeb5f13f89488a03981cfa0e7c3125f18fa239%40%3Ccvs.httpd.apache.org%3E",
"https://security.gentoo.org/glsa/201701-36",
"https://security.netapp.com/advisory/ntap-20180423-0001/",
"https://support.apple.com/HT208221",
"https://www.tenable.com/security/tns-2017-04",
"http://rhn.redhat.com/errata/RHSA-2017-1415.html",
"http://www.debian.org/security/2017/dsa-3796",
"http://www.securityfocus.com/bid/95077",
"http://www.securitytracker.com/id/1037508",
"https://access.redhat.com/errata/RHSA-2017:0906",
"https://access.redhat.com/errata/RHSA-2017:1161",
"https://access.redhat.com/errata/RHSA-2017:1413",
"https://access.redhat.com/errata/RHSA-2017:1414",
"https://access.redhat.com/errata/RHSA-2017:1721",
"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbmu03753en_us",
"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03725en_us",
"https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2016-8743",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r09b8a39d1262adbab5528eea73df1b1f93e919bf004ed5a843d9cad1%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r4fe84db67fe9dc906c6185e58bbd9913f4356dd555a5c3db490694e5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r94284b139540e5287ebdd3450682d3e3d187263dd6b75af8fa7d4890%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcb6c7b9e7ca727a7eeeb5f13f89488a03981cfa0e7c3125f18fa239%40%3Ccvs.httpd.apache.org%3E",
"https://security.gentoo.org/glsa/201701-36",
"https://security.netapp.com/advisory/ntap-20180423-0001/",
"https://support.apple.com/HT208221",
"https://www.tenable.com/security/tns-2017-04"
],
"score": 7.5,
"services": [
"80/http"
],
"severity": "high",
"summary": "Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in any chain of proxies or interacts with back-end application servers, either through mod_proxy or using conventional CGI mechanisms, and may result in request smuggling, response splitting and cache pollution.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2017-15710": {
"id": "CVE-2017-15710",
"references": [
"http://www.openwall.com/lists/oss-security/2018/03/24/8",
"http://www.securityfocus.com/bid/103512",
"http://www.securitytracker.com/id/1040569",
"https://access.redhat.com/errata/RHSA-2018:3558",
"https://access.redhat.com/errata/RHSA-2019:0366",
"https://access.redhat.com/errata/RHSA-2019:0367",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2018/05/msg00020.html",
"https://security.netapp.com/advisory/ntap-20180601-0004/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://usn.ubuntu.com/3627-1/",
"https://usn.ubuntu.com/3627-2/",
"https://usn.ubuntu.com/3937-2/",
"https://www.debian.org/security/2018/dsa-4164",
"https://www.tenable.com/security/tns-2019-09"
],
"score": 7.5,
"services": [
"80/http"
],
"severity": "high",
"summary": "In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to 2.4.29, mod_authnz_ldap, if configured with AuthLDAPCharsetConfig, uses the Accept-Language header value to lookup the right charset encoding when verifying the user's credentials. If the header value is not present in the charset conversion table, a fallback mechanism is used to truncate it to a two characters value to allow a quick retry (for example, 'en-US' is truncated to 'en'). A header value of less than two characters forces an out of bound write of one NUL byte to a memory location that is not part of the string. In the worst case, quite unlikely, the process would crash which could be used as a Denial of Service attack. In the more likely case, this memory is already reserved for future use and the issue has no effect at all.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-787"
},
"CVE-2017-15715": {
"id": "CVE-2017-15715",
"references": [
"http://www.openwall.com/lists/oss-security/2018/03/24/6",
"http://www.securityfocus.com/bid/103525",
"http://www.securitytracker.com/id/1040570",
"https://access.redhat.com/errata/RHSA-2018:3558",
"https://access.redhat.com/errata/RHSA-2019:0366",
"https://access.redhat.com/errata/RHSA-2019:0367",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://security.elarlang.eu/cve-2017-15715-apache-http-server-filesmatch-bypass-with-a-trailing-newline-at-the-end-of-the-file-name.html",
"https://security.netapp.com/advisory/ntap-20180601-0004/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://usn.ubuntu.com/3627-1/",
"https://usn.ubuntu.com/3627-2/",
"https://www.debian.org/security/2018/dsa-4164",
"https://www.tenable.com/security/tns-2019-09",
"http://www.openwall.com/lists/oss-security/2018/03/24/6",
"http://www.securityfocus.com/bid/103525",
"http://www.securitytracker.com/id/1040570",
"https://access.redhat.com/errata/RHSA-2018:3558",
"https://access.redhat.com/errata/RHSA-2019:0366",
"https://access.redhat.com/errata/RHSA-2019:0367",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://security.elarlang.eu/cve-2017-15715-apache-http-server-filesmatch-bypass-with-a-trailing-newline-at-the-end-of-the-file-name.html",
"https://security.netapp.com/advisory/ntap-20180601-0004/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://usn.ubuntu.com/3627-1/",
"https://usn.ubuntu.com/3627-2/",
"https://www.debian.org/security/2018/dsa-4164",
"https://www.tenable.com/security/tns-2019-09"
],
"score": 8.1,
"services": [
"80/http"
],
"severity": "high",
"summary": "In Apache httpd 2.4.0 to 2.4.29, the expression specified in <FilesMatch> could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are are externally blocked, but only by matching the trailing portion of the filename.",
"vector_string": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-20"
},
"CVE-2017-3167": {
"id": "CVE-2017-3167",
"references": [
"http://www.debian.org/security/2017/dsa-3896",
"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"http://www.securityfocus.com/bid/99135",
"http://www.securitytracker.com/id/1038711",
"https://access.redhat.com/errata/RHSA-2017:2478",
"https://access.redhat.com/errata/RHSA-2017:2479",
"https://access.redhat.com/errata/RHSA-2017:2483",
"https://access.redhat.com/errata/RHSA-2017:3193",
"https://access.redhat.com/errata/RHSA-2017:3194",
"https://access.redhat.com/errata/RHSA-2017:3195",
"https://access.redhat.com/errata/RHSA-2017:3475",
"https://access.redhat.com/errata/RHSA-2017:3476",
"https://access.redhat.com/errata/RHSA-2017:3477",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8409e41a8f7dd9ded37141c38df001be930115428c3d64f70bbdb8b4%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://security.gentoo.org/glsa/201710-32",
"https://security.netapp.com/advisory/ntap-20180601-0002/",
"https://support.apple.com/HT208221",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03908en_us",
"https://www.nomachine.com/SU08O00185",
"https://www.tenable.com/security/tns-2019-09",
"http://www.debian.org/security/2017/dsa-3896",
"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"http://www.securityfocus.com/bid/99135",
"http://www.securitytracker.com/id/1038711",
"https://access.redhat.com/errata/RHSA-2017:2478",
"https://access.redhat.com/errata/RHSA-2017:2479",
"https://access.redhat.com/errata/RHSA-2017:2483",
"https://access.redhat.com/errata/RHSA-2017:3193",
"https://access.redhat.com/errata/RHSA-2017:3194",
"https://access.redhat.com/errata/RHSA-2017:3195",
"https://access.redhat.com/errata/RHSA-2017:3475",
"https://access.redhat.com/errata/RHSA-2017:3476",
"https://access.redhat.com/errata/RHSA-2017:3477",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8409e41a8f7dd9ded37141c38df001be930115428c3d64f70bbdb8b4%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://security.gentoo.org/glsa/201710-32",
"https://security.netapp.com/advisory/ntap-20180601-0002/",
"https://support.apple.com/HT208221",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03908en_us",
"https://www.nomachine.com/SU08O00185",
"https://www.tenable.com/security/tns-2019-09"
],
"score": 9.8,
"services": [
"80/http"
],
"severity": "critical",
"summary": "In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-287"
},
"CVE-2017-7679": {
"id": "CVE-2017-7679",
"references": [
"http://www.debian.org/security/2017/dsa-3896",
"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"http://www.securityfocus.com/bid/99170",
"http://www.securitytracker.com/id/1038711",
"https://access.redhat.com/errata/RHSA-2017:2478",
"https://access.redhat.com/errata/RHSA-2017:2479",
"https://access.redhat.com/errata/RHSA-2017:2483",
"https://access.redhat.com/errata/RHSA-2017:3193",
"https://access.redhat.com/errata/RHSA-2017:3194",
"https://access.redhat.com/errata/RHSA-2017:3195",
"https://access.redhat.com/errata/RHSA-2017:3475",
"https://access.redhat.com/errata/RHSA-2017:3476",
"https://access.redhat.com/errata/RHSA-2017:3477",
"https://github.com/gottburgm/Exploits/tree/master/CVE-2017-7679",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f4515e580dfb6eeca589a5cdebd4c4c709ce632b12924f343c3b7751%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://security.gentoo.org/glsa/201710-32",
"https://security.netapp.com/advisory/ntap-20180601-0002/",
"https://support.apple.com/HT208221",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03821en_us",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03908en_us",
"https://www.nomachine.com/SU08O00185",
"https://www.tenable.com/security/tns-2019-09",
"http://www.debian.org/security/2017/dsa-3896",
"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"http://www.securityfocus.com/bid/99170",
"http://www.securitytracker.com/id/1038711",
"https://access.redhat.com/errata/RHSA-2017:2478",
"https://access.redhat.com/errata/RHSA-2017:2479",
"https://access.redhat.com/errata/RHSA-2017:2483",
"https://access.redhat.com/errata/RHSA-2017:3193",
"https://access.redhat.com/errata/RHSA-2017:3194",
"https://access.redhat.com/errata/RHSA-2017:3195",
"https://access.redhat.com/errata/RHSA-2017:3475",
"https://access.redhat.com/errata/RHSA-2017:3476",
"https://access.redhat.com/errata/RHSA-2017:3477",
"https://github.com/gottburgm/Exploits/tree/master/CVE-2017-7679",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f4515e580dfb6eeca589a5cdebd4c4c709ce632b12924f343c3b7751%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://security.gentoo.org/glsa/201710-32",
"https://security.netapp.com/advisory/ntap-20180601-0002/",
"https://support.apple.com/HT208221",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03821en_us",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03908en_us",
"https://www.nomachine.com/SU08O00185",
"https://www.tenable.com/security/tns-2019-09"
],
"score": 9.8,
"services": [
"80/http"
],
"severity": "critical",
"summary": "In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-126"
},
"CVE-2017-9788": {
"id": "CVE-2017-9788",
"references": [
"http://www.debian.org/security/2017/dsa-3913",
"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"http://www.securityfocus.com/bid/99569",
"http://www.securitytracker.com/id/1038906",
"https://access.redhat.com/errata/RHSA-2017:2478",
"https://access.redhat.com/errata/RHSA-2017:2479",
"https://access.redhat.com/errata/RHSA-2017:2483",
"https://access.redhat.com/errata/RHSA-2017:2708",
"https://access.redhat.com/errata/RHSA-2017:2709",
"https://access.redhat.com/errata/RHSA-2017:2710",
"https://access.redhat.com/errata/RHSA-2017:3113",
"https://access.redhat.com/errata/RHSA-2017:3114",
"https://access.redhat.com/errata/RHSA-2017:3193",
"https://access.redhat.com/errata/RHSA-2017:3194",
"https://access.redhat.com/errata/RHSA-2017:3195",
"https://access.redhat.com/errata/RHSA-2017:3239",
"https://access.redhat.com/errata/RHSA-2017:3240",
"https://httpd.apache.org/security/vulnerabilities_22.html",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/0dd69204a6bd643cc4e9ccd008f07a9375525d977c6ebeb07a881afb%40%3Cannounce.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://security.gentoo.org/glsa/201710-32",
"https://security.netapp.com/advisory/ntap-20170911-0002/",
"https://support.apple.com/HT208221",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03908en_us",
"https://www.tenable.com/security/tns-2019-09",
"http://www.debian.org/security/2017/dsa-3913",
"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"http://www.securityfocus.com/bid/99569",
"http://www.securitytracker.com/id/1038906",
"https://access.redhat.com/errata/RHSA-2017:2478",
"https://access.redhat.com/errata/RHSA-2017:2479",
"https://access.redhat.com/errata/RHSA-2017:2483",
"https://access.redhat.com/errata/RHSA-2017:2708",
"https://access.redhat.com/errata/RHSA-2017:2709",
"https://access.redhat.com/errata/RHSA-2017:2710",
"https://access.redhat.com/errata/RHSA-2017:3113",
"https://access.redhat.com/errata/RHSA-2017:3114",
"https://access.redhat.com/errata/RHSA-2017:3193",
"https://access.redhat.com/errata/RHSA-2017:3194",
"https://access.redhat.com/errata/RHSA-2017:3195",
"https://access.redhat.com/errata/RHSA-2017:3239",
"https://access.redhat.com/errata/RHSA-2017:3240",
"https://httpd.apache.org/security/vulnerabilities_22.html",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/0dd69204a6bd643cc4e9ccd008f07a9375525d977c6ebeb07a881afb%40%3Cannounce.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://security.gentoo.org/glsa/201710-32",
"https://security.netapp.com/advisory/ntap-20170911-0002/",
"https://support.apple.com/HT208221",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03908en_us",
"https://www.tenable.com/security/tns-2019-09"
],
"score": 9.1,
"services": [
"80/http"
],
"severity": "critical",
"summary": "In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault in other cases resulting in denial of service.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"weakness": "CWE-20"
},
"CVE-2017-9798": {
"id": "CVE-2017-9798",
"references": [
"http://openwall.com/lists/oss-security/2017/09/18/2",
"http://www.debian.org/security/2017/dsa-3980",
"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"http://www.securityfocus.com/bid/100872",
"http://www.securityfocus.com/bid/105598",
"http://www.securitytracker.com/id/1039387",
"https://access.redhat.com/errata/RHSA-2017:2882",
"https://access.redhat.com/errata/RHSA-2017:2972",
"https://access.redhat.com/errata/RHSA-2017:3018",
"https://access.redhat.com/errata/RHSA-2017:3113",
"https://access.redhat.com/errata/RHSA-2017:3114",
"https://access.redhat.com/errata/RHSA-2017:3193",
"https://access.redhat.com/errata/RHSA-2017:3194",
"https://access.redhat.com/errata/RHSA-2017:3195",
"https://access.redhat.com/errata/RHSA-2017:3239",
"https://access.redhat.com/errata/RHSA-2017:3240",
"https://access.redhat.com/errata/RHSA-2017:3475",
"https://access.redhat.com/errata/RHSA-2017:3476",
"https://access.redhat.com/errata/RHSA-2017:3477",
"https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html",
"https://blog.fuzzing-project.org/uploads/apache-2.2-optionsbleed-backport.patch",
"https://github.com/apache/httpd/commit/4cc27823899e070268b906ca677ee838d07cf67a",
"https://github.com/hannob/optionsbleed",
"https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2017-9798",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://security-tracker.debian.org/tracker/CVE-2017-9798",
"https://security.gentoo.org/glsa/201710-32",
"https://security.netapp.com/advisory/ntap-20180601-0003/",
"https://support.apple.com/HT208331",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch",
"https://www.exploit-db.com/exploits/42745/",
"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"https://www.tenable.com/security/tns-2019-09",
"http://openwall.com/lists/oss-security/2017/09/18/2",
"http://seclists.org/fulldisclosure/2024/Sep/22",
"http://www.debian.org/security/2017/dsa-3980",
"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"http://www.securityfocus.com/bid/100872",
"http://www.securityfocus.com/bid/105598",
"http://www.securitytracker.com/id/1039387",
"https://access.redhat.com/errata/RHSA-2017:2882",
"https://access.redhat.com/errata/RHSA-2017:2972",
"https://access.redhat.com/errata/RHSA-2017:3018",
"https://access.redhat.com/errata/RHSA-2017:3113",
"https://access.redhat.com/errata/RHSA-2017:3114",
"https://access.redhat.com/errata/RHSA-2017:3193",
"https://access.redhat.com/errata/RHSA-2017:3194",
"https://access.redhat.com/errata/RHSA-2017:3195",
"https://access.redhat.com/errata/RHSA-2017:3239",
"https://access.redhat.com/errata/RHSA-2017:3240",
"https://access.redhat.com/errata/RHSA-2017:3475",
"https://access.redhat.com/errata/RHSA-2017:3476",
"https://access.redhat.com/errata/RHSA-2017:3477",
"https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html",
"https://blog.fuzzing-project.org/uploads/apache-2.2-optionsbleed-backport.patch",
"https://github.com/apache/httpd/commit/4cc27823899e070268b906ca677ee838d07cf67a",
"https://github.com/hannob/optionsbleed",
"https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2017-9798",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://security-tracker.debian.org/tracker/CVE-2017-9798",
"https://security.gentoo.org/glsa/201710-32",
"https://security.netapp.com/advisory/ntap-20180601-0003/",
"https://support.apple.com/HT208331",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch",
"https://www.exploit-db.com/exploits/42745/",
"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"https://www.tenable.com/security/tns-2019-09"
],
"score": 7.5,
"services": [
"80/http"
],
"severity": "high",
"summary": "Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"weakness": "CWE-416"
},
"CVE-2018-1283": {
"id": "CVE-2018-1283",
"references": [
"http://www.openwall.com/lists/oss-security/2018/03/24/4",
"http://www.securityfocus.com/bid/103520",
"http://www.securitytracker.com/id/1040568",
"https://access.redhat.com/errata/RHSA-2018:3558",
"https://access.redhat.com/errata/RHSA-2019:0366",
"https://access.redhat.com/errata/RHSA-2019:0367",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://security.netapp.com/advisory/ntap-20180601-0004/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://usn.ubuntu.com/3627-1/",
"https://usn.ubuntu.com/3627-2/",
"https://www.debian.org/security/2018/dsa-4164",
"https://www.tenable.com/security/tns-2019-09",
"http://www.openwall.com/lists/oss-security/2018/03/24/4",
"http://www.securityfocus.com/bid/103520",
"http://www.securitytracker.com/id/1040568",
"https://access.redhat.com/errata/RHSA-2018:3558",
"https://access.redhat.com/errata/RHSA-2019:0366",
"https://access.redhat.com/errata/RHSA-2019:0367",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://security.netapp.com/advisory/ntap-20180601-0004/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://usn.ubuntu.com/3627-1/",
"https://usn.ubuntu.com/3627-2/",
"https://www.debian.org/security/2018/dsa-4164",
"https://www.tenable.com/security/tns-2019-09"
],
"score": 5.3,
"services": [
"80/http"
],
"severity": "medium",
"summary": "In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to forward its session data to CGI applications (SessionEnv on, not the default), a remote user may influence their content by using a \"Session\" header. This comes from the \"HTTP_SESSION\" variable name used by mod_session to forward its data to CGIs, since the prefix \"HTTP_\" is also used by the Apache HTTP Server to pass HTTP header fields, per CGI specifications.",
"vector_string": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
"weakness": "NVD-CWE-noinfo"
},
"CVE-2018-1301": {
"id": "CVE-2018-1301",
"references": [
"http://www.openwall.com/lists/oss-security/2018/03/24/2",
"http://www.securityfocus.com/bid/103515",
"http://www.securitytracker.com/id/1040573",
"https://access.redhat.com/errata/RHSA-2018:3558",
"https://access.redhat.com/errata/RHSA-2019:0366",
"https://access.redhat.com/errata/RHSA-2019:0367",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2018/05/msg00020.html",
"https://security.netapp.com/advisory/ntap-20180601-0004/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://usn.ubuntu.com/3627-1/",
"https://usn.ubuntu.com/3627-2/",
"https://usn.ubuntu.com/3937-2/",
"https://www.debian.org/security/2018/dsa-4164",
"https://www.tenable.com/security/tns-2019-09",
"http://www.openwall.com/lists/oss-security/2018/03/24/2",
"http://www.securityfocus.com/bid/103515",
"http://www.securitytracker.com/id/1040573",
"https://access.redhat.com/errata/RHSA-2018:3558",
"https://access.redhat.com/errata/RHSA-2019:0366",
"https://access.redhat.com/errata/RHSA-2019:0367",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2018/05/msg00020.html",
"https://security.netapp.com/advisory/ntap-20180601-0004/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://usn.ubuntu.com/3627-1/",
"https://usn.ubuntu.com/3627-2/",
"https://usn.ubuntu.com/3937-2/",
"https://www.debian.org/security/2018/dsa-4164",
"https://www.tenable.com/security/tns-2019-09"
],
"score": 5.9,
"services": [
"80/http"
],
"severity": "medium",
"summary": "A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is reached by reading the HTTP header. This vulnerability is considered very hard if not impossible to trigger in non-debug mode (both log and build level), so it is classified as low risk for common server usage.",
"vector_string": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-119"
},
"CVE-2018-1302": {
"id": "CVE-2018-1302",
"references": [
"http://www.openwall.com/lists/oss-security/2018/03/24/5",
"http://www.securityfocus.com/bid/103528",
"http://www.securitytracker.com/id/1040567",
"https://access.redhat.com/errata/RHSA-2019:0366",
"https://access.redhat.com/errata/RHSA-2019:0367",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://security.netapp.com/advisory/ntap-20180601-0004/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://usn.ubuntu.com/3783-1/",
"https://www.tenable.com/security/tns-2019-09",
"http://www.openwall.com/lists/oss-security/2018/03/24/5",
"http://www.securityfocus.com/bid/103528",
"http://www.securitytracker.com/id/1040567",
"https://access.redhat.com/errata/RHSA-2019:0366",
"https://access.redhat.com/errata/RHSA-2019:0367",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://security.netapp.com/advisory/ntap-20180601-0004/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://usn.ubuntu.com/3783-1/",
"https://www.tenable.com/security/tns-2019-09"
],
"score": 5.9,
"services": [
"80/http"
],
"severity": "medium",
"summary": "When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL pointer potentially to an already freed memory. The memory pools maintained by the server make this vulnerability hard to trigger in usual configurations, the reporter and the team could not reproduce it outside debug builds, so it is classified as low risk.",
"vector_string": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-476"
},
"CVE-2018-1303": {
"id": "CVE-2018-1303",
"references": [
"http://www.openwall.com/lists/oss-security/2018/03/24/3",
"http://www.securityfocus.com/bid/103522",
"http://www.securitytracker.com/id/1040572",
"https://access.redhat.com/errata/RHSA-2018:3558",
"https://access.redhat.com/errata/RHSA-2019:0366",
"https://access.redhat.com/errata/RHSA-2019:0367",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://security.netapp.com/advisory/ntap-20180601-0004/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://usn.ubuntu.com/3627-1/",
"https://usn.ubuntu.com/3627-2/",
"https://www.debian.org/security/2018/dsa-4164",
"https://www.tenable.com/security/tns-2019-09",
"http://www.openwall.com/lists/oss-security/2018/03/24/3",
"http://www.securityfocus.com/bid/103522",
"http://www.securitytracker.com/id/1040572",
"https://access.redhat.com/errata/RHSA-2018:3558",
"https://access.redhat.com/errata/RHSA-2019:0366",
"https://access.redhat.com/errata/RHSA-2019:0367",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://security.netapp.com/advisory/ntap-20180601-0004/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://usn.ubuntu.com/3627-1/",
"https://usn.ubuntu.com/3627-2/",
"https://www.debian.org/security/2018/dsa-4164",
"https://www.tenable.com/security/tns-2019-09"
],
"score": 7.5,
"services": [
"80/http"
],
"severity": "high",
"summary": "A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of mod_cache_socache. The vulnerability is considered as low risk since mod_cache_socache is not widely used, mod_cache_disk is not concerned by this vulnerability.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-125"
},
"CVE-2018-1312": {
"id": "CVE-2018-1312",
"references": [
"http://www.openwall.com/lists/oss-security/2018/03/24/7",
"http://www.securityfocus.com/bid/103524",
"http://www.securitytracker.com/id/1040571",
"https://access.redhat.com/errata/RHSA-2018:3558",
"https://access.redhat.com/errata/RHSA-2019:0366",
"https://access.redhat.com/errata/RHSA-2019:0367",
"https://access.redhat.com/errata/RHSA-2019:1898",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2018/05/msg00020.html",
"https://security.netapp.com/advisory/ntap-20180601-0004/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us",
"https://usn.ubuntu.com/3627-1/",
"https://usn.ubuntu.com/3627-2/",
"https://usn.ubuntu.com/3937-2/",
"https://www.debian.org/security/2018/dsa-4164",
"https://www.tenable.com/security/tns-2019-09"
],
"score": 9.8,
"services": [
"80/http"
],
"severity": "critical",
"summary": "In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed across servers by an attacker without detection.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-287"
},
"CVE-2018-17199": {
"id": "CVE-2018-17199",
"references": [
"http://www.securityfocus.com/bid/106742",
"https://access.redhat.com/errata/RHSA-2019:3932",
"https://access.redhat.com/errata/RHSA-2019:3933",
"https://access.redhat.com/errata/RHSA-2019:3935",
"https://access.redhat.com/errata/RHSA-2019:4126",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2019/01/msg00024.html",
"https://seclists.org/bugtraq/2019/Apr/5",
"https://security.gentoo.org/glsa/201903-21",
"https://security.netapp.com/advisory/ntap-20190125-0001/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us",
"https://usn.ubuntu.com/3937-1/",
"https://www.debian.org/security/2019/dsa-4422",
"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"https://www.tenable.com/security/tns-2019-09",
"http://www.securityfocus.com/bid/106742",
"https://access.redhat.com/errata/RHSA-2019:3932",
"https://access.redhat.com/errata/RHSA-2019:3933",
"https://access.redhat.com/errata/RHSA-2019:3935",
"https://access.redhat.com/errata/RHSA-2019:4126",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2019/01/msg00024.html",
"https://seclists.org/bugtraq/2019/Apr/5",
"https://security.gentoo.org/glsa/201903-21",
"https://security.netapp.com/advisory/ntap-20190125-0001/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us",
"https://usn.ubuntu.com/3937-1/",
"https://www.debian.org/security/2019/dsa-4422",
"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"https://www.tenable.com/security/tns-2019-09"
],
"score": 7.5,
"services": [
"80/http"
],
"severity": "high",
"summary": "In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"weakness": "CWE-384"
},
"CVE-2019-0217": {
"id": "CVE-2019-0217",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html",
"http://www.openwall.com/lists/oss-security/2019/04/02/5",
"http://www.securityfocus.com/bid/107668",
"https://access.redhat.com/errata/RHSA-2019:2343",
"https://access.redhat.com/errata/RHSA-2019:3436",
"https://access.redhat.com/errata/RHSA-2019:3932",
"https://access.redhat.com/errata/RHSA-2019:3933",
"https://access.redhat.com/errata/RHSA-2019:3935",
"https://access.redhat.com/errata/RHSA-2019:4126",
"https://bugzilla.redhat.com/show_bug.cgi?id=1695020",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/e0b8f6e858b1c8ec2ce8e291a2c543d438915037c7af661ab6d33808%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2019/04/msg00008.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/",
"https://seclists.org/bugtraq/2019/Apr/5",
"https://security.netapp.com/advisory/ntap-20190423-0001/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us",
"https://usn.ubuntu.com/3937-1/",
"https://usn.ubuntu.com/3937-2/",
"https://www.debian.org/security/2019/dsa-4422",
"https://www.oracle.com/security-alerts/cpuapr2020.html",
"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html",
"http://www.openwall.com/lists/oss-security/2019/04/02/5",
"http://www.securityfocus.com/bid/107668",
"https://access.redhat.com/errata/RHSA-2019:2343",
"https://access.redhat.com/errata/RHSA-2019:3436",
"https://access.redhat.com/errata/RHSA-2019:3932",
"https://access.redhat.com/errata/RHSA-2019:3933",
"https://access.redhat.com/errata/RHSA-2019:3935",
"https://access.redhat.com/errata/RHSA-2019:4126",
"https://bugzilla.redhat.com/show_bug.cgi?id=1695020",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/e0b8f6e858b1c8ec2ce8e291a2c543d438915037c7af661ab6d33808%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2019/04/msg00008.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/",
"https://seclists.org/bugtraq/2019/Apr/5",
"https://security.netapp.com/advisory/ntap-20190423-0001/",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us",
"https://usn.ubuntu.com/3937-1/",
"https://usn.ubuntu.com/3937-2/",
"https://www.debian.org/security/2019/dsa-4422",
"https://www.oracle.com/security-alerts/cpuapr2020.html",
"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
],
"score": 7.5,
"services": [
"80/http"
],
"severity": "high",
"summary": "In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions.",
"vector_string": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-362"
},
"CVE-2019-0220": {
"id": "CVE-2019-0220",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html",
"http://www.openwall.com/lists/oss-security/2019/04/02/6",
"http://www.securityfocus.com/bid/107670",
"https://access.redhat.com/errata/RHSA-2019:2343",
"https://access.redhat.com/errata/RHSA-2019:3436",
"https://access.redhat.com/errata/RHSA-2019:4126",
"https://access.redhat.com/errata/RHSA-2020:0250",
"https://access.redhat.com/errata/RHSA-2020:0251",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r31f46d1f16ffcafa68058596b21f6eaf6d352290e522690a1cdccdd7%40%3Cbugs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2019/04/msg00008.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/",
"https://seclists.org/bugtraq/2019/Apr/5",
"https://security.netapp.com/advisory/ntap-20190625-0007/",
"https://support.f5.com/csp/article/K44591505",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us",
"https://usn.ubuntu.com/3937-1/",
"https://www.debian.org/security/2019/dsa-4422",
"https://www.oracle.com/security-alerts/cpuapr2020.html",
"https://www.oracle.com/security-alerts/cpujul2020.html",
"https://www.oracle.com/security-alerts/cpujul2022.html",
"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html",
"http://www.openwall.com/lists/oss-security/2019/04/02/6",
"http://www.securityfocus.com/bid/107670",
"https://access.redhat.com/errata/RHSA-2019:2343",
"https://access.redhat.com/errata/RHSA-2019:3436",
"https://access.redhat.com/errata/RHSA-2019:4126",
"https://access.redhat.com/errata/RHSA-2020:0250",
"https://access.redhat.com/errata/RHSA-2020:0251",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r31f46d1f16ffcafa68058596b21f6eaf6d352290e522690a1cdccdd7%40%3Cbugs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2019/04/msg00008.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/",
"https://seclists.org/bugtraq/2019/Apr/5",
"https://security.netapp.com/advisory/ntap-20190625-0007/",
"https://support.f5.com/csp/article/K44591505",
"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us",
"https://usn.ubuntu.com/3937-1/",
"https://www.debian.org/security/2019/dsa-4422",
"https://www.oracle.com/security-alerts/cpuapr2020.html",
"https://www.oracle.com/security-alerts/cpujul2020.html",
"https://www.oracle.com/security-alerts/cpujul2022.html",
"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
],
"score": 5.3,
"services": [
"80/http"
],
"severity": "medium",
"summary": "A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes ('/'), directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing will implicitly collapse them.",
"vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"weakness": "CWE-706"
},
"CVE-2019-10092": {
"id": "CVE-2019-10092",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00004.html",
"http://www.openwall.com/lists/oss-security/2019/08/15/4",
"http://www.openwall.com/lists/oss-security/2020/08/08/1",
"http://www.openwall.com/lists/oss-security/2020/08/08/9",
"https://access.redhat.com/errata/RHSA-2019:4126",
"https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-10092-Limited%20Cross-Site%20Scripting%20in%20mod_proxy%20Error%20Page-Apache%20httpd",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/73768e31e0fcae03e12f5aa87da1cb26dece39327f3c32060baa3e94%40%3Cannounce.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0a83b112cd9701ef8a2061c8ed557f3dc9bb774d4da69fbb91bbc3c4%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2019/08/msg00034.html",
"https://lists.debian.org/debian-lts-announce/2019/09/msg00034.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RVHJHTU4JN3ULCQ44F2G6LZBF2LGNTC/",
"https://seclists.org/bugtraq/2019/Aug/47",
"https://seclists.org/bugtraq/2019/Oct/24",
"https://security.gentoo.org/glsa/201909-04",
"https://security.netapp.com/advisory/ntap-20190905-0003/",
"https://support.f5.com/csp/article/K30442259",
"https://usn.ubuntu.com/4113-1/",
"https://www.debian.org/security/2019/dsa-4509",
"https://www.oracle.com/security-alerts/cpuapr2020.html",
"https://www.oracle.com/security-alerts/cpujan2020.html",
"https://www.oracle.com/security-alerts/cpujul2020.html",
"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00004.html",
"http://www.openwall.com/lists/oss-security/2019/08/15/4",
"http://www.openwall.com/lists/oss-security/2020/08/08/1",
"http://www.openwall.com/lists/oss-security/2020/08/08/9",
"https://access.redhat.com/errata/RHSA-2019:4126",
"https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-10092-Limited%20Cross-Site%20Scripting%20in%20mod_proxy%20Error%20Page-Apache%20httpd",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/73768e31e0fcae03e12f5aa87da1cb26dece39327f3c32060baa3e94%40%3Cannounce.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r0a83b112cd9701ef8a2061c8ed557f3dc9bb774d4da69fbb91bbc3c4%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2019/08/msg00034.html",
"https://lists.debian.org/debian-lts-announce/2019/09/msg00034.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RVHJHTU4JN3ULCQ44F2G6LZBF2LGNTC/",
"https://seclists.org/bugtraq/2019/Aug/47",
"https://seclists.org/bugtraq/2019/Oct/24",
"https://security.gentoo.org/glsa/201909-04",
"https://security.netapp.com/advisory/ntap-20190905-0003/",
"https://support.f5.com/csp/article/K30442259",
"https://usn.ubuntu.com/4113-1/",
"https://www.debian.org/security/2019/dsa-4509",
"https://www.oracle.com/security-alerts/cpuapr2020.html",
"https://www.oracle.com/security-alerts/cpujan2020.html",
"https://www.oracle.com/security-alerts/cpujul2020.html",
"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
],
"score": 6.1,
"services": [
"80/http"
],
"severity": "medium",
"summary": "In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable where a server was set up with proxying enabled but was misconfigured in such a way that the Proxy Error page was displayed.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"weakness": "CWE-79"
},
"CVE-2019-10098": {
"id": "CVE-2019-10098",
"references": [
"http://www.openwall.com/lists/oss-security/2020/04/01/4",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://www.oracle.com/security-alerts/cpuApr2021.html",
"https://www.oracle.com/security-alerts/cpuapr2020.html",
"https://www.oracle.com/security-alerts/cpujan2020.html",
"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"http://www.openwall.com/lists/oss-security/2020/04/01/4",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://www.oracle.com/security-alerts/cpuApr2021.html",
"https://www.oracle.com/security-alerts/cpuapr2020.html",
"https://www.oracle.com/security-alerts/cpujan2020.html",
"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
],
"score": 6.1,
"services": [
"80/http"
],
"severity": "medium",
"summary": "In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an unexpected URL within the request URL.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"weakness": "CWE-601"
},
"CVE-2019-17567": {
"id": "CVE-2019-17567",
"references": [
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://www.openwall.com/lists/oss-security/2021/06/10/2",
"https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r90f693a5c9fb75550ef1412436d5e682a5f845beb427fa6f23419a3c%40%3Cannounce.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"https://security.gentoo.org/glsa/202107-38",
"https://security.netapp.com/advisory/ntap-20210702-0001/",
"https://www.oracle.com/security-alerts/cpuoct2021.html",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://www.openwall.com/lists/oss-security/2021/06/10/2",
"https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r90f693a5c9fb75550ef1412436d5e682a5f845beb427fa6f23419a3c%40%3Cannounce.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"https://security.gentoo.org/glsa/202107-38",
"https://security.netapp.com/advisory/ntap-20210702-0001/",
"https://www.oracle.com/security-alerts/cpuoct2021.html"
],
"score": 5.3,
"services": [
"80/http"
],
"severity": "medium",
"summary": "Apache HTTP Server versions 2.4.6 to 2.4.46 mod_proxy_wstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for subsequent requests on the same connection to pass through with no HTTP validation, authentication or authorization possibly configured.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"weakness": "CWE-444"
},
"CVE-2020-11985": {
"id": "CVE-2020-11985",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/",
"https://security.gentoo.org/glsa/202008-04",
"https://security.netapp.com/advisory/ntap-20200827-0002/",
"https://www.oracle.com/security-alerts/cpujan2021.html",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/",
"https://security.gentoo.org/glsa/202008-04",
"https://security.netapp.com/advisory/ntap-20200827-0002/",
"https://www.oracle.com/security-alerts/cpujan2021.html"
],
"score": 5.3,
"services": [
"80/http"
],
"severity": "medium",
"summary": "IP address spoofing when proxying using mod_remoteip and mod_rewrite For configurations using proxying with mod_remoteip and certain mod_rewrite rules, an attacker could spoof their IP address for logging and PHP scripts. Note this issue was fixed in Apache HTTP Server 2.4.24 but was retrospectively allocated a low severity CVE in 2020.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"weakness": "CWE-345"
},
"CVE-2020-13938": {
"id": "CVE-2020-13938",
"references": [
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://www.openwall.com/lists/oss-security/2021/06/10/3",
"https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"https://lists.apache.org/thread.html/r5fdc4fbbc7ddb816c843329a9accdcf284ade86e8d77b8c2a6d9bc30%40%3Cannounce.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
"https://security.netapp.com/advisory/ntap-20210702-0001/",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://www.openwall.com/lists/oss-security/2021/06/10/3",
"https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"https://lists.apache.org/thread.html/r5fdc4fbbc7ddb816c843329a9accdcf284ade86e8d77b8c2a6d9bc30%40%3Cannounce.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
"https://security.netapp.com/advisory/ntap-20210702-0001/"
],
"score": 5.5,
"services": [
"80/http"
],
"severity": "medium",
"summary": "Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users can stop httpd on Windows",
"vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-862"
},
"CVE-2020-1927": {
"id": "CVE-2020-1927",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html",
"http://www.openwall.com/lists/oss-security/2020/04/03/1",
"http://www.openwall.com/lists/oss-security/2020/04/04/1",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6a4146bf3d1645af2880f8b7a4fd8afd696d5fd4a3ae272f49f5dc84%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r731d43caece41d78d8c6304641a02a369fd78300e7ffaf566b06bc59%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/",
"https://security.netapp.com/advisory/ntap-20200413-0002/",
"https://usn.ubuntu.com/4458-1/",
"https://www.debian.org/security/2020/dsa-4757",
"https://www.oracle.com/security-alerts/cpuApr2021.html",
"https://www.oracle.com/security-alerts/cpujul2020.html",
"https://www.oracle.com/security-alerts/cpujul2022.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html",
"http://www.openwall.com/lists/oss-security/2020/04/03/1",
"http://www.openwall.com/lists/oss-security/2020/04/04/1",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r6a4146bf3d1645af2880f8b7a4fd8afd696d5fd4a3ae272f49f5dc84%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r731d43caece41d78d8c6304641a02a369fd78300e7ffaf566b06bc59%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/",
"https://security.netapp.com/advisory/ntap-20200413-0002/",
"https://usn.ubuntu.com/4458-1/",
"https://www.debian.org/security/2020/dsa-4757",
"https://www.oracle.com/security-alerts/cpuApr2021.html",
"https://www.oracle.com/security-alerts/cpujul2020.html",
"https://www.oracle.com/security-alerts/cpujul2022.html"
],
"score": 6.1,
"services": [
"80/http"
],
"severity": "medium",
"summary": "In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"weakness": "CWE-601"
},
"CVE-2020-1934": {
"id": "CVE-2020-1934",
"references": [
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r26706d75f6b9080ca6a29955aeb8de98ec71bbea6e9f05809c46bca4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r33e626224386d2851a83c352f784ba90dedee5dc7fcfcc221d5d7527%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/",
"https://security.netapp.com/advisory/ntap-20200413-0002/",
"https://usn.ubuntu.com/4458-1/",
"https://www.debian.org/security/2020/dsa-4757",
"https://www.oracle.com/security-alerts/cpujul2020.html",
"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r26706d75f6b9080ca6a29955aeb8de98ec71bbea6e9f05809c46bca4%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r33e626224386d2851a83c352f784ba90dedee5dc7fcfcc221d5d7527%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/",
"https://security.netapp.com/advisory/ntap-20200413-0002/",
"https://usn.ubuntu.com/4458-1/",
"https://www.debian.org/security/2020/dsa-4757",
"https://www.oracle.com/security-alerts/cpujul2020.html"
],
"score": 5.3,
"services": [
"80/http"
],
"severity": "medium",
"summary": "In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"weakness": "CWE-908"
},
"CVE-2020-35452": {
"id": "CVE-2020-35452",
"references": [
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://www.openwall.com/lists/oss-security/2021/06/10/5",
"https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rccb1b8225583a48c6360edc7a93cc97ae8b0215791e455dc607e7602%40%3Cannounce.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"https://security.gentoo.org/glsa/202107-38",
"https://security.netapp.com/advisory/ntap-20210702-0001/",
"https://www.debian.org/security/2021/dsa-4937",
"https://www.oracle.com/security-alerts/cpuoct2021.html",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://www.openwall.com/lists/oss-security/2021/06/10/5",
"https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rccb1b8225583a48c6360edc7a93cc97ae8b0215791e455dc607e7602%40%3Cannounce.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"https://security.gentoo.org/glsa/202107-38",
"https://security.netapp.com/advisory/ntap-20210702-0001/",
"https://www.debian.org/security/2021/dsa-4937",
"https://www.oracle.com/security-alerts/cpuoct2021.html"
],
"score": 7.3,
"services": [
"80/http"
],
"severity": "high",
"summary": "Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"weakness": "CWE-787"
},
"CVE-2021-26690": {
"id": "CVE-2021-26690",
"references": [
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://www.openwall.com/lists/oss-security/2021/06/10/6",
"https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rae406c1d19c0dfd3103c96923dadac2af1cd0bad6905ab1ede153865%40%3Cannounce.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"https://security.gentoo.org/glsa/202107-38",
"https://security.netapp.com/advisory/ntap-20210702-0001/",
"https://www.debian.org/security/2021/dsa-4937",
"https://www.oracle.com/security-alerts/cpuoct2021.html",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://www.openwall.com/lists/oss-security/2021/06/10/6",
"https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rae406c1d19c0dfd3103c96923dadac2af1cd0bad6905ab1ede153865%40%3Cannounce.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"https://security.gentoo.org/glsa/202107-38",
"https://security.netapp.com/advisory/ntap-20210702-0001/",
"https://www.debian.org/security/2021/dsa-4937",
"https://www.oracle.com/security-alerts/cpuoct2021.html"
],
"score": 7.5,
"services": [
"80/http"
],
"severity": "high",
"summary": "Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-476"
},
"CVE-2021-26691": {
"id": "CVE-2021-26691",
"references": [
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://www.openwall.com/lists/oss-security/2021/06/10/7",
"https://lists.apache.org/thread.html/r50cae1b71f1e7421069036b213c26da7d8f47dd59874e3bd956959fe%40%3Cannounce.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"https://security.gentoo.org/glsa/202107-38",
"https://security.netapp.com/advisory/ntap-20210702-0001/",
"https://www.debian.org/security/2021/dsa-4937",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.oracle.com/security-alerts/cpuoct2021.html",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://www.openwall.com/lists/oss-security/2021/06/10/7",
"https://lists.apache.org/thread.html/r50cae1b71f1e7421069036b213c26da7d8f47dd59874e3bd956959fe%40%3Cannounce.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"https://security.gentoo.org/glsa/202107-38",
"https://security.netapp.com/advisory/ntap-20210702-0001/",
"https://www.debian.org/security/2021/dsa-4937",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.oracle.com/security-alerts/cpuoct2021.html"
],
"score": 9.8,
"services": [
"80/http"
],
"severity": "critical",
"summary": "In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-122"
},
"CVE-2021-34798": {
"id": "CVE-2021-34798",
"references": [
"http://httpd.apache.org/security/vulnerabilities_24.html",
"https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf",
"https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20211008-0004/",
"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ",
"https://www.debian.org/security/2021/dsa-4982",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.tenable.com/security/tns-2021-17",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf",
"https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20211008-0004/",
"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ",
"https://www.debian.org/security/2021/dsa-4982",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.tenable.com/security/tns-2021-17"
],
"score": 7.5,
"services": [
"80/http"
],
"severity": "high",
"summary": "Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-476"
},
"CVE-2021-39275": {
"id": "CVE-2021-39275",
"references": [
"https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20211008-0004/",
"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ",
"https://www.debian.org/security/2021/dsa-4982",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20211008-0004/",
"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ",
"https://www.debian.org/security/2021/dsa-4982",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujan2022.html"
],
"score": 9.8,
"services": [
"80/http"
],
"severity": "critical",
"summary": "ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-787"
},
"CVE-2021-40438": {
"id": "CVE-2021-40438",
"references": [
"https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37%40%3Cbugs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00%40%3Cusers.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20211008-0004/",
"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ",
"https://www.debian.org/security/2021/dsa-4982",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.tenable.com/security/tns-2021-17",
"https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.apache.org/thread.html/r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37%40%3Cbugs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00%40%3Cusers.httpd.apache.org%3E",
"https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20211008-0004/",
"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ",
"https://www.debian.org/security/2021/dsa-4982",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.tenable.com/security/tns-2021-17",
"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-40438"
],
"score": 9,
"services": [
"80/http"
],
"severity": "critical",
"summary": "A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.",
"vector_string": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"weakness": "CWE-918"
},
"CVE-2021-44224": {
"id": "CVE-2021-44224",
"references": [
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://seclists.org/fulldisclosure/2022/May/33",
"http://seclists.org/fulldisclosure/2022/May/35",
"http://seclists.org/fulldisclosure/2022/May/38",
"http://www.openwall.com/lists/oss-security/2021/12/20/3",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20211224-0001/",
"https://support.apple.com/kb/HT213255",
"https://support.apple.com/kb/HT213256",
"https://support.apple.com/kb/HT213257",
"https://www.debian.org/security/2022/dsa-5035",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.tenable.com/security/tns-2022-01",
"https://www.tenable.com/security/tns-2022-03",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://seclists.org/fulldisclosure/2022/May/33",
"http://seclists.org/fulldisclosure/2022/May/35",
"http://seclists.org/fulldisclosure/2022/May/38",
"http://www.openwall.com/lists/oss-security/2021/12/20/3",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20211224-0001/",
"https://support.apple.com/kb/HT213255",
"https://support.apple.com/kb/HT213256",
"https://support.apple.com/kb/HT213257",
"https://www.debian.org/security/2022/dsa-5035",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.tenable.com/security/tns-2022-01",
"https://www.tenable.com/security/tns-2022-03"
],
"score": 8.2,
"services": [
"80/http"
],
"severity": "high",
"summary": "A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included).",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"weakness": "CWE-476"
},
"CVE-2021-44790": {
"id": "CVE-2021-44790",
"references": [
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://packetstormsecurity.com/files/171631/Apache-2.4.x-Buffer-Overflow.html",
"http://seclists.org/fulldisclosure/2022/May/33",
"http://seclists.org/fulldisclosure/2022/May/35",
"http://seclists.org/fulldisclosure/2022/May/38",
"http://www.openwall.com/lists/oss-security/2021/12/20/4",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20211224-0001/",
"https://support.apple.com/kb/HT213255",
"https://support.apple.com/kb/HT213256",
"https://support.apple.com/kb/HT213257",
"https://www.debian.org/security/2022/dsa-5035",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.tenable.com/security/tns-2022-01",
"https://www.tenable.com/security/tns-2022-03",
"http://httpd.apache.org/security/vulnerabilities_24.html",
"http://packetstormsecurity.com/files/171631/Apache-2.4.x-Buffer-Overflow.html",
"http://seclists.org/fulldisclosure/2022/May/33",
"http://seclists.org/fulldisclosure/2022/May/35",
"http://seclists.org/fulldisclosure/2022/May/38",
"http://www.openwall.com/lists/oss-security/2021/12/20/4",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20211224-0001/",
"https://support.apple.com/kb/HT213255",
"https://support.apple.com/kb/HT213256",
"https://support.apple.com/kb/HT213257",
"https://www.debian.org/security/2022/dsa-5035",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujan2022.html",
"https://www.tenable.com/security/tns-2022-01",
"https://www.tenable.com/security/tns-2022-03"
],
"score": 9.8,
"services": [
"80/http"
],
"severity": "critical",
"summary": "A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-787"
},
"CVE-2022-22719": {
"id": "CVE-2022-22719",
"references": [
"http://seclists.org/fulldisclosure/2022/May/33",
"http://seclists.org/fulldisclosure/2022/May/35",
"http://seclists.org/fulldisclosure/2022/May/38",
"http://www.openwall.com/lists/oss-security/2022/03/14/4",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220321-0001/",
"https://support.apple.com/kb/HT213255",
"https://support.apple.com/kb/HT213256",
"https://support.apple.com/kb/HT213257",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"http://seclists.org/fulldisclosure/2022/May/33",
"http://seclists.org/fulldisclosure/2022/May/35",
"http://seclists.org/fulldisclosure/2022/May/38",
"http://www.openwall.com/lists/oss-security/2022/03/14/4",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220321-0001/",
"https://support.apple.com/kb/HT213255",
"https://support.apple.com/kb/HT213256",
"https://support.apple.com/kb/HT213257",
"https://www.oracle.com/security-alerts/cpuapr2022.html"
],
"score": 7.5,
"services": [
"80/http"
],
"severity": "high",
"summary": "A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-665"
},
"CVE-2022-22720": {
"id": "CVE-2022-22720",
"references": [
"http://seclists.org/fulldisclosure/2022/May/33",
"http://seclists.org/fulldisclosure/2022/May/35",
"http://seclists.org/fulldisclosure/2022/May/38",
"http://www.openwall.com/lists/oss-security/2022/03/14/3",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220321-0001/",
"https://support.apple.com/kb/HT213255",
"https://support.apple.com/kb/HT213256",
"https://support.apple.com/kb/HT213257",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujul2022.html",
"http://seclists.org/fulldisclosure/2022/May/33",
"http://seclists.org/fulldisclosure/2022/May/35",
"http://seclists.org/fulldisclosure/2022/May/38",
"http://www.openwall.com/lists/oss-security/2022/03/14/3",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220321-0001/",
"https://support.apple.com/kb/HT213255",
"https://support.apple.com/kb/HT213256",
"https://support.apple.com/kb/HT213257",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujul2022.html"
],
"score": 9.8,
"services": [
"80/http"
],
"severity": "critical",
"summary": "Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-444"
},
"CVE-2022-22721": {
"id": "CVE-2022-22721",
"references": [
"http://seclists.org/fulldisclosure/2022/May/33",
"http://seclists.org/fulldisclosure/2022/May/35",
"http://seclists.org/fulldisclosure/2022/May/38",
"http://www.openwall.com/lists/oss-security/2022/03/14/2",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220321-0001/",
"https://support.apple.com/kb/HT213255",
"https://support.apple.com/kb/HT213256",
"https://support.apple.com/kb/HT213257",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujul2022.html",
"http://seclists.org/fulldisclosure/2022/May/33",
"http://seclists.org/fulldisclosure/2022/May/35",
"http://seclists.org/fulldisclosure/2022/May/38",
"http://www.openwall.com/lists/oss-security/2022/03/14/2",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220321-0001/",
"https://support.apple.com/kb/HT213255",
"https://support.apple.com/kb/HT213256",
"https://support.apple.com/kb/HT213257",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.oracle.com/security-alerts/cpujul2022.html"
],
"score": 9.1,
"services": [
"80/http"
],
"severity": "critical",
"summary": "If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"weakness": "CWE-190"
},
"CVE-2022-23943": {
"id": "CVE-2022-23943",
"references": [
"http://www.openwall.com/lists/oss-security/2022/03/14/1",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220321-0001/",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.tenable.com/security/tns-2022-08",
"https://www.tenable.com/security/tns-2022-09",
"http://www.openwall.com/lists/oss-security/2022/03/14/1",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220321-0001/",
"https://www.oracle.com/security-alerts/cpuapr2022.html",
"https://www.tenable.com/security/tns-2022-08",
"https://www.tenable.com/security/tns-2022-09"
],
"score": 9.8,
"services": [
"80/http"
],
"severity": "critical",
"summary": "Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. This issue affects Apache HTTP Server 2.4 version 2.4.52 and prior versions.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-190"
},
"CVE-2022-26377": {
"id": "CVE-2022-26377",
"references": [
"http://www.openwall.com/lists/oss-security/2022/06/08/2",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220624-0005/",
"http://www.openwall.com/lists/oss-security/2022/06/08/2",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220624-0005/"
],
"score": 7.5,
"services": [
"80/http"
],
"severity": "high",
"summary": "Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.53 and prior versions.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"weakness": "CWE-444"
},
"CVE-2022-28330": {
"id": "CVE-2022-28330",
"references": [
"http://www.openwall.com/lists/oss-security/2022/06/08/3",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.netapp.com/advisory/ntap-20220624-0005/",
"http://www.openwall.com/lists/oss-security/2022/06/08/3",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.netapp.com/advisory/ntap-20220624-0005/"
],
"score": 5.3,
"services": [
"80/http"
],
"severity": "medium",
"summary": "Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to process requests with the mod_isapi module.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"weakness": "CWE-125"
},
"CVE-2022-28614": {
"id": "CVE-2022-28614",
"references": [
"http://www.openwall.com/lists/oss-security/2022/06/08/4",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220624-0005/",
"http://www.openwall.com/lists/oss-security/2022/06/08/4",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220624-0005/"
],
"score": 5.3,
"services": [
"80/http"
],
"severity": "medium",
"summary": "The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function. Modules compiled and distributed separately from Apache HTTP Server that use the 'ap_rputs' function and may pass it a very large (INT_MAX or larger) string must be compiled against current headers to resolve the issue.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"weakness": "CWE-190"
},
"CVE-2022-28615": {
"id": "CVE-2022-28615",
"references": [
"http://www.openwall.com/lists/oss-security/2022/06/08/9",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220624-0005/",
"http://www.openwall.com/lists/oss-security/2022/06/08/9",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220624-0005/"
],
"score": 9.1,
"services": [
"80/http"
],
"severity": "critical",
"summary": "Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use ap_strcmp_match() may hypothetically be affected.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"weakness": "CWE-190"
},
"CVE-2022-29404": {
"id": "CVE-2022-29404",
"references": [
"http://www.openwall.com/lists/oss-security/2022/06/08/5",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220624-0005/",
"http://www.openwall.com/lists/oss-security/2022/06/08/5",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220624-0005/"
],
"score": 7.5,
"services": [
"80/http"
],
"severity": "high",
"summary": "In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-770"
},
"CVE-2022-30556": {
"id": "CVE-2022-30556",
"references": [
"http://www.openwall.com/lists/oss-security/2022/06/08/7",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220624-0005/",
"http://www.openwall.com/lists/oss-security/2022/06/08/7",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220624-0005/"
],
"score": 7.5,
"services": [
"80/http"
],
"severity": "high",
"summary": "Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the buffer.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"weakness": "CWE-200"
},
"CVE-2022-31813": {
"id": "CVE-2022-31813",
"references": [
"http://www.openwall.com/lists/oss-security/2022/06/08/8",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220624-0005/",
"http://www.openwall.com/lists/oss-security/2022/06/08/8",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
"https://security.gentoo.org/glsa/202208-20",
"https://security.netapp.com/advisory/ntap-20220624-0005/"
],
"score": 9.8,
"services": [
"80/http"
],
"severity": "critical",
"summary": "Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-348"
},
"CVE-2022-36760": {
"id": "CVE-2022-36760",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.gentoo.org/glsa/202309-01",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.gentoo.org/glsa/202309-01"
],
"score": 9,
"services": [
"80/http"
],
"severity": "critical",
"summary": "Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.54 and prior versions.",
"vector_string": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"weakness": "CWE-444"
},
"CVE-2022-37436": {
"id": "CVE-2022-37436",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.gentoo.org/glsa/202309-01",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.gentoo.org/glsa/202309-01"
],
"score": 5.3,
"services": [
"80/http"
],
"severity": "medium",
"summary": "Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the client.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"weakness": "CWE-113"
},
"CVE-2023-25690": {
"id": "CVE-2023-25690",
"references": [
"http://packetstormsecurity.com/files/176334/Apache-2.4.55-mod_proxy-HTTP-Request-Smuggling.html",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2023/04/msg00028.html",
"https://security.gentoo.org/glsa/202309-01",
"http://packetstormsecurity.com/files/176334/Apache-2.4.55-mod_proxy-HTTP-Request-Smuggling.html",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2023/04/msg00028.html",
"https://security.gentoo.org/glsa/202309-01"
],
"score": 9.8,
"services": [
"80/http"
],
"severity": "critical",
"summary": "Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack.\n\n\n\n\nConfigurations are affected when mod_proxy is enabled along with some form of RewriteRule\n or ProxyPassMatch in which a non-specific pattern matches\n some portion of the user-supplied request-target (URL) data and is then\n re-inserted into the proxied request-target using variable \nsubstitution. For example, something like:\n\n\n\n\nRewriteEngine on\nRewriteRule \"^/here/(.*)\" \"http://example.com:8080/elsewhere?$1\"; [P]\nProxyPassReverse /here/ http://example.com:8080/\n\n\nRequest splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-444"
},
"CVE-2023-31122": {
"id": "CVE-2023-31122",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/TI3V2YCEUM65QDYPGGNUZ7UONIM5OEXC/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/VZJTT5TEFNSBWVMKCLS6EZ7PI6EJYBCO/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/ZFDNHDH4VLFGDPY6MEZV2RO5N5FLFONW/",
"https://security.netapp.com/advisory/ntap-20231027-0011/",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/TI3V2YCEUM65QDYPGGNUZ7UONIM5OEXC/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/VZJTT5TEFNSBWVMKCLS6EZ7PI6EJYBCO/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/ZFDNHDH4VLFGDPY6MEZV2RO5N5FLFONW/",
"https://security.netapp.com/advisory/ntap-20231027-0011/"
],
"score": 7.5,
"services": [
"80/http"
],
"severity": "high",
"summary": "Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-125"
},
"CVE-2023-45802": {
"id": "CVE-2023-45802",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/",
"https://lists.fedoraproject.org/archives/list/[email protected]/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/",
"https://security.netapp.com/advisory/ntap-20231027-0011/"
],
"score": 5.9,
"services": [
"80/http"
],
"severity": "medium",
"summary": "When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that.nnThis was found by the reporter during testing ofxa0CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During \"normal\" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out.nnUsers are recommended to upgrade to version 2.4.58, which fixes the issue.n",
"vector_string": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-770"
},
"CVE-2024-38474": {
"id": "CVE-2024-38474",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.netapp.com/advisory/ntap-20240712-0001/",
"http://www.openwall.com/lists/oss-security/2024/07/01/7",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.netapp.com/advisory/ntap-20240712-0001/"
],
"score": 9.8,
"services": [
"80/http"
],
"severity": "critical",
"summary": "Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in\ndirectories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI.\n\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.\n\nSome RewriteRules that capture and substitute unsafely will now fail unless rewrite flag \"UnsafeAllow3F\" is specified.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-116"
},
"CVE-2024-38476": {
"id": "CVE-2024-38476",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.netapp.com/advisory/ntap-20240712-0001/",
"http://seclists.org/fulldisclosure/2024/Oct/11",
"http://www.openwall.com/lists/oss-security/2024/07/01/9",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.netapp.com/advisory/ntap-20240712-0001/"
],
"score": 9.8,
"services": [
"80/http"
],
"severity": "critical",
"summary": "Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable.\n\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-829"
},
"CVE-2024-38477": {
"id": "CVE-2024-38477",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.netapp.com/advisory/ntap-20240712-0001/",
"http://seclists.org/fulldisclosure/2024/Oct/11",
"http://www.openwall.com/lists/oss-security/2024/07/01/10",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.netapp.com/advisory/ntap-20240712-0001/"
],
"score": 7.5,
"services": [
"80/http"
],
"severity": "high",
"summary": "null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request.\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-476"
},
"CVE-2024-40898": {
"id": "CVE-2024-40898",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"http://www.openwall.com/lists/oss-security/2024/07/17/7",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://security.netapp.com/advisory/ntap-20240808-0006/"
],
"score": 7.5,
"services": [
"80/http"
],
"severity": "high",
"summary": "SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests.\n\nUsers are recommended to upgrade to version 2.4.62 which fixes this issue. ",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"weakness": "CWE-918"
}
}
}