
39.105.150.174

04 Jul 2025, 05:01:12 UTC
{
  "scan_id": 1751354448,
  "ip": "39.105.150.174",
  "is_ipv4": true,
  "is_ipv6": false,
  "location": {
    "network": "39.104.0.0/14",
    "postal_code": "",
    "coordinates": {
      "latitude": "39.911",
      "longitude": "116.395"
    },
    "geo_point": "39.911, 116.395",
    "locale_code": "en",
    "continent": "Asia",
    "country_code": "CN",
    "country_name": "China",
    "city": "Beijing"
  },
  "location_updated_at": "2025-07-03T12:34:13Z",
  "asn": {
    "number": "AS37963",
    "organization": "Hangzhou Alibaba Advertising Co.,Ltd.",
    "country_code": ""
  },
  "asn_updated_at": "0001-01-01T00:00:00Z",
  "whois": {
    "network": "39.104.0.0/14",
    "organization": "Hangzhou Alibaba Advertising Co.,Ltd.",
    "descr": "Hangzhou Alibaba Advertising Co.,Ltd.",
    "_encoding": {
      "raw": "BASE64"
    }
  },
  "whois_updated_at": "2024-12-09T11:26:59Z",
  "tags": [
    {
      "name": "is_anonymous_proxy",
      "pretty_name": "Anonymous Proxy",
      "value": false,
      "last_updated_at": "2025-07-03T12:34:13Z"
    },
    {
      "name": "is_cdn",
      "pretty_name": "CDN",
      "value": false,
      "last_updated_at": "2025-07-03T15:28:52Z"
    },
    {
      "name": "is_satellite_provider",
      "pretty_name": "Satellite Provider",
      "value": false,
      "last_updated_at": "2025-07-03T12:34:13Z"
    }
  ],
  "services": [
    {
      "port": 80,
      "protocol": "tcp",
      "name": "http",
      "version": "",
      "product": "Apache httpd",
      "extra_info": "",
      "tunnel": "",
      "softwares": [
        {
          "uri": "cpe:/a:apache:http_server",
          "part": "a",
          "vendor": "apache",
          "product": "http_server",
          "version": "ANY",
          "language": "ANY",
          "edition": "ANY",
          "update": "ANY"
        }
      ],
      "modules": {
        "http": {
          "body_murmur": 1194848391,
          "body_sha256": "6ec5aa5f6bfa60e2d8185e5647f8d4ffcc2475e5dff410e5ad508ce5061b4874",
          "component": [
            "Apache HTTP Server"
          ],
          "content_length": -1,
          "headers": {
            "accept_ranges": [
              "bytes"
            ],
            "content_type": [
              "text/html"
            ],
            "date": [
              "Sat, 28 Jun 2025 04:06:41 GMT"
            ],
            "etag": [
              "\"31b-5c3c4154e1b80-gzip\""
            ],
            "last_modified": [
              "Wed, 02 Jun 2021 08:17:02 GMT"
            ],
            "server": [
              "Apache"
            ],
            "vary": [
              "Accept-Encoding"
            ]
          },
          "protocol": "HTTP/1.1",
          "status_code": 200,
          "title": "团购车险报价"
        }
      },
      "cve": [
        {
          "id": "CVE-1999-0070",
          "severity": "medium"
        },
        {
          "id": "CVE-1999-1199",
          "severity": "high"
        },
        {
          "id": "CVE-2023-25690",
          "severity": "critical"
        }
      ],
      "url": "http://39.105.150.174/",
      "_meta": {
        "name": "",
        "desc": "",
        "category": ""
      },
      "last_updated_at": "2025-06-28T04:06:42.546Z"
    },
    {
      "port": 443,
      "protocol": "tcp",
      "name": "http",
      "version": "",
      "product": "Apache httpd",
      "extra_info": "PHP 5.5.38",
      "tunnel": "ssl",
      "softwares": [
        {
          "uri": "cpe:/a:php:php:5.5.38",
          "part": "a",
          "vendor": "php",
          "product": "php",
          "version": "5\\.5\\.38",
          "language": "ANY",
          "edition": "ANY",
          "update": "ANY"
        }
      ],
      "modules": {
        "http": {
          "body_murmur": 876756531,
          "body_sha256": "01168600ef4b5ebf491aad8775126073ee9a9636c53b4ff6938d1dc2210fedab",
          "component": [
            "Apache HTTP Server",
            "Bootstrap"
          ],
          "content_length": -1,
          "headers": {
            "access_control_allow_origin": [
              "*"
            ],
            "content_type": [
              "text/html; charset=utf-8"
            ],
            "date": [
              "Fri, 04 Jul 2025 03:45:48 GMT"
            ],
            "server": [
              "Apache"
            ],
            "vary": [
              "Accept-Encoding"
            ],
            "x_powered_by": [
              "PHP/5.5.38"
            ]
          },
          "protocol": "HTTP/1.1",
          "status_code": 200,
          "title": "魏丫丫"
        },
        "tls": {
          "certificate": {
            "extensions": {
              "authority_info_access": {
                "issuer_urls": [
                  "http://cacerts.digitalcertvalidation.com/TrustAsiaTLSRSACA.crt"
                ],
                "ocsp_urls": [
                  "http://statuse.digitalcertvalidation.com"
                ]
              },
              "authority_key_id": "7fd399f3a0470e31005656228eb7cc9eddca018a",
              "basic_constraints": {
                "is_ca": true
              },
              "certificate_policies": [
                {
                  "cps": [
                    "http://www.digicert.com/CPS"
                  ],
                  "id": "2.23.140.1.2.1"
                }
              ],
              "extended_key_usage": {
                "any": false,
                "apple_code_signing": false,
                "apple_code_signing_development": false,
                "apple_code_signing_third_party": false,
                "apple_crypto_development_env": false,
                "apple_crypto_env": false,
                "apple_crypto_maintenance_env": false,
                "apple_crypto_production_env": false,
                "apple_crypto_qos": false,
                "apple_crypto_test_env": false,
                "apple_crypto_tier0_qos": false,
                "apple_crypto_tier1_qos": false,
                "apple_crypto_tier2_qos": false,
                "apple_crypto_tier3_qos": false,
                "apple_ichat_encryption": false,
                "apple_ichat_signing": false,
                "apple_resource_signing": false,
                "apple_software_update_signing": false,
                "apple_system_identity": false,
                "client_auth": true,
                "code_signing": false,
                "dvcs": false,
                "eap_over_lan": false,
                "eap_over_ppp": false,
                "email_protection": false,
                "ipsec_end_system": false,
                "ipsec_intermediate_system_usage": false,
                "ipsec_tunnel": false,
                "ipsec_user": false,
                "microsoft_ca_exchange": false,
                "microsoft_cert_trust_list_signing": false,
                "microsoft_csp_signature": false,
                "microsoft_document_signing": false,
                "microsoft_drm": false,
                "microsoft_drm_individualization": false,
                "microsoft_efs_recovery": false,
                "microsoft_embedded_nt_crypto": false,
                "microsoft_encrypted_file_system": false,
                "microsoft_enrollment_agent": false,
                "microsoft_kernel_mode_code_signing": false,
                "microsoft_key_recovery_21": false,
                "microsoft_key_recovery_3": false,
                "microsoft_license_server": false,
                "microsoft_licenses": false,
                "microsoft_lifetime_signing": false,
                "microsoft_mobile_device_software": false,
                "microsoft_nt5_crypto": false,
                "microsoft_oem_whql_crypto": false,
                "microsoft_qualified_subordinate": false,
                "microsoft_root_list_signer": false,
                "microsoft_server_gated_crypto": false,
                "microsoft_sgc_serialized": false,
                "microsoft_smart_display": false,
                "microsoft_smartcard_logon": false,
                "microsoft_system_health": false,
                "microsoft_system_health_loophole": false,
                "microsoft_timestamp_signing": false,
                "microsoft_whql_crypto": false,
                "netscape_server_gated_crypto": false,
                "ocsp_signing": false,
                "sbgp_cert_aa_service_auth": false,
                "server_auth": true,
                "time_stamping": false
              },
              "key_usage": {
                "certificate_sign": false,
                "content_commitment": false,
                "crl_sign": false,
                "data_encipherment": false,
                "decipher_only": false,
                "digital_signature": true,
                "encipher_only": false,
                "key_agreement": false,
                "key_encipherment": true
              },
              "subject_alt_name": {
                "dns_names": [
                  "cbsya.com",
                  "www.cbsya.com"
                ]
              },
              "subject_key_id": "6eca60e56108458487f6a0548d593d4cfb23f017"
            },
            "fingerprint_md5": "9D98D3AD06C43D7E6E8F693DC5266154",
            "fingerprint_sha1": "1282F5FE698088E60A7E5AE54A0960E41788F0A6",
            "fingerprint_sha256": "D417F8CA964370CE3CA7EC9AA81A033F9DC1B4858617FA484C23608FC3AF1F5A",
            "issuer": {
              "common_name": [
                "TrustAsia TLS RSA CA"
              ],
              "country": [
                "CN"
              ],
              "organization": [
                "TrustAsia Technologies, Inc."
              ],
              "organizational_unit": [
                "Domain Validated SSL"
              ]
            },
            "jarm": "2ad2ad16d2ad2ad22c2ad2ad2ad2adc7639a2c8ee8049d85e08031e30b69d9",
            "redacted": false,
            "revocation": {
              "ocsp": {
                "reason": "UNKNOWN",
                "revoked": false
              }
            },
            "serial_number": "14662310479867648855791590401888843399",
            "signature": {
              "algorithm": {
                "name": "SHA256-RSA",
                "oid": "1.2.840.113549.1.1.11"
              },
              "self_signed": false
            },
            "signed_certificate_timestamps": [
              {
                "entry_type": "PRE_CERTIFICATE",
                "log_id": "2979bef09e393921f056739f63a577e5be577d9c600af8f94d5d265c255dc784",
                "signature": {
                  "algorithm": "ECDSA",
                  "hash_algorithm": "SHA256",
                  "value": "304502206680d0c3127d2078373830528e57ba43d4e6b4bc2d560619b12edf0ea980d47f022100fd9a0c5cd4d48595f54968e5bae901ebf4b2087ba2d368535622cd2d7ba6c48d"
                },
                "timestamp": "2021-08-05T03:26:33.009000",
                "version": "v1"
              },
              {
                "entry_type": "PRE_CERTIFICATE",
                "log_id": "51a3b0f5fd01799c566db837788f0ca47acc1b27cbf79e88429a0dfed48b05e5",
                "signature": {
                  "algorithm": "ECDSA",
                  "hash_algorithm": "SHA256",
                  "value": "3045022100a965b3c1f1b9016bbd032075c14d9b3fd3a1bddb58490cada2553fd090351a4402203dca81456ceb09aef7bc2e195f94c1db295afa7c6d7fb15c4fb07f5c8cbf6c76"
                },
                "timestamp": "2021-08-05T03:26:33.135000",
                "version": "v1"
              },
              {
                "entry_type": "PRE_CERTIFICATE",
                "log_id": "41c8cab1df22464a10c6a13a0942875e4e318b1b03ebeb4bc768f090629606f6",
                "signature": {
                  "algorithm": "ECDSA",
                  "hash_algorithm": "SHA256",
                  "value": "3045022100f8b3f16442348ae3c1a89785b27e624d4bf0533121293aaded878cf1b61e907602202a6c7024ef4f7541714017f8d8b80eb8901c6b1961602b93f7bd3e4740519ef0"
                },
                "timestamp": "2021-08-05T03:26:33.087000",
                "version": "v1"
              }
            ],
            "signed_certificate_timestamps_oid": "1.3.6.1.4.1.11129.2.4.2",
            "subject": {
              "common_name": [
                "cbsya.com"
              ]
            },
            "subject_alt_name": {
              "dns_names": [
                "cbsya.com",
                "www.cbsya.com"
              ],
              "extended_dns_names": [
                {
                  "domain": "cbsya",
                  "fld": "cbsya.com",
                  "tld": "com"
                },
                {
                  "domain": "cbsya",
                  "fld": "cbsya.com",
                  "subdomain": "www",
                  "tld": "com"
                }
              ]
            },
            "subject_key_info": {
              "_key": "rsa",
              "dh": [],
              "dsa": [],
              "ecdsa": [],
              "fingerprint_sha256": "104e31fe2a7ab34de8af49bddf0bd29b0815ee7784962e6479f227a3f4f23033",
              "key_algorithm": "RSA",
              "rsa": {
                "exponent": 65537,
                "length": 2048
              }
            },
            "tbs_fingerprint": "406e2c6e6923af9e2acfecf4f8d69d7978bae74c19a6e6a4841e5b11d11afb80",
            "tbs_noct_fingerprint": "516bfa75555a296524f825a315d5123a87c05fbd46c7c71446b3495baa9b6906",
            "validation_level": "DV",
            "validity": {
              "length_seconds": 31536000,
              "not_after": "2022-08-04T23:59:59",
              "not_before": "2021-08-05T00:00:00"
            },
            "version": 2
          },
          "fingerprint_sha256": "D417F8CA964370CE3CA7EC9AA81A033F9DC1B4858617FA484C23608FC3AF1F5A",
          "precert": false,
          "tags": [
            "dv",
            "trusted"
          ]
        }
      },
      "cve": [
        {
          "id": "CVE-2007-3205",
          "severity": "medium"
        },
        {
          "id": "CVE-2013-6501",
          "severity": "medium"
        },
        {
          "id": "CVE-2014-5459",
          "severity": "low"
        }
      ],
      "url": "https://39.105.150.174/",
      "_meta": {
        "name": "",
        "desc": "",
        "category": ""
      },
      "last_updated_at": "2025-07-04T05:01:12.685Z"
    },
    {
      "port": 2181,
      "protocol": "tcp",
      "name": "http",
      "version": "2.4.38",
      "product": "Apache httpd",
      "extra_info": "(Debian)",
      "tunnel": "",
      "softwares": [
        {
          "uri": "cpe:/a:apache:http_server:2.4.38",
          "part": "a",
          "vendor": "apache",
          "product": "http_server",
          "version": "2\\.4\\.38",
          "language": "ANY",
          "edition": "ANY",
          "update": "ANY"
        }
      ],
      "modules": {
        "http": {
          "body_murmur": -2122701887,
          "body_sha256": "0129d0b78844502f2b7ad14baaedb9f2af85ea601a25994b7db34812eb20bbc1",
          "component": [
            "Apache HTTP Server:2.4.38",
            "Debian"
          ],
          "content_length": -1,
          "favicon": {
            "md5_hash": "2ada598f76575276ec71aada41723a5a",
            "murmur_hash": -1172921651,
            "path": "http://39.105.150.174:2181/favicon.ico",
            "size": 4286
          },
          "headers": {
            "accept_ranges": [
              "bytes"
            ],
            "content_type": [
              "text/html"
            ],
            "date": [
              "Thu, 03 Jul 2025 02:41:56 GMT"
            ],
            "etag": [
              "\"736-6303ab4ded248-gzip\""
            ],
            "last_modified": [
              "Thu, 13 Mar 2025 15:09:21 GMT"
            ],
            "server": [
              "Apache/2.4.38 (Debian)"
            ],
            "vary": [
              "Accept-Encoding"
            ]
          },
          "protocol": "HTTP/1.1",
          "status_code": 200,
          "title": "致研科技研发成果管理系统"
        }
      },
      "cve": [
        {
          "id": "CVE-2006-20001",
          "severity": "high"
        },
        {
          "id": "CVE-2019-0196",
          "severity": "medium"
        },
        {
          "id": "CVE-2019-0197",
          "severity": "medium"
        }
      ],
      "url": "http://39.105.150.174:2181/",
      "_meta": {
        "name": "",
        "desc": "",
        "category": ""
      },
      "last_updated_at": "2025-07-03T02:41:57.694Z"
    },
    {
      "port": 3306,
      "protocol": "tcp",
      "name": "mysql",
      "version": "5.5.56-log",
      "product": "MySQL",
      "extra_info": "",
      "tunnel": "",
      "softwares": [
        {
          "uri": "cpe:/a:mysql:mysql:5.5.56-log",
          "part": "a",
          "vendor": "mysql",
          "product": "mysql",
          "version": "5\\.5\\.56\\-log",
          "language": "ANY",
          "edition": "ANY",
          "update": "ANY"
        }
      ],
      "modules": {
        "mysql": {
          "capability_flags": {
            "CLIENT_COMPRESS": true,
            "CLIENT_CONNECT_WITH_DB": true,
            "CLIENT_FOUND_ROWS": true,
            "CLIENT_IGNORE_SIGPIPE": true,
            "CLIENT_IGNORE_SPACE": true,
            "CLIENT_INTERACTIVE": true,
            "CLIENT_LOCAL_FILES": true,
            "CLIENT_LONG_FLAG": true,
            "CLIENT_LONG_PASSWORD": true,
            "CLIENT_MULTI_RESULTS": true,
            "CLIENT_MULTI_STATEMENTS": true,
            "CLIENT_NO_SCHEMA": true,
            "CLIENT_ODBC": true,
            "CLIENT_PLUGIN_AUTH": true,
            "CLIENT_PROTOCOL_41": true,
            "CLIENT_PS_MULTI_RESULTS": true,
            "CLIENT_RESERVED": true,
            "CLIENT_SECURE_CONNECTION": true,
            "CLIENT_TRANSACTIONS": true
          },
          "protocol_version": 10,
          "version": "5.5.56-log"
        }
      },
      "_meta": {
        "name": "",
        "desc": "",
        "category": ""
      },
      "last_updated_at": "2025-07-02T15:08:19.887Z"
    },
    {
      "port": 8087,
      "protocol": "tcp",
      "name": "http",
      "version": "",
      "product": "Apache httpd",
      "extra_info": "",
      "tunnel": "",
      "softwares": [
        {
          "uri": "cpe:/a:apache:http_server",
          "part": "a",
          "vendor": "apache",
          "product": "http_server",
          "version": "ANY",
          "language": "ANY",
          "edition": "ANY",
          "update": "ANY"
        }
      ],
      "modules": {
        "http": {
          "body_murmur": -867849085,
          "body_sha256": "baa0f38d2dc29056a16651ab4667c351c20bfa2c73c3114ac2597f35e01d8189",
          "component": [
            "Apache HTTP Server"
          ],
          "content_length": 275,
          "headers": {
            "content_length": [
              "275"
            ],
            "content_type": [
              "text/html; charset=iso-8859-1"
            ],
            "date": [
              "Sun, 29 Jun 2025 16:52:21 GMT"
            ],
            "server": [
              "Apache"
            ]
          },
          "protocol": "HTTP/1.1",
          "status_code": 403,
          "title": "403 Forbidden"
        }
      },
      "cve": [
        {
          "id": "CVE-1999-0070",
          "severity": "medium"
        },
        {
          "id": "CVE-1999-1199",
          "severity": "high"
        },
        {
          "id": "CVE-2023-25690",
          "severity": "critical"
        }
      ],
      "url": "http://39.105.150.174:8087/",
      "_meta": {
        "name": "",
        "desc": "",
        "category": ""
      },
      "last_updated_at": "2025-06-29T16:52:21.868Z"
    },
    {
      "port": 9092,
      "protocol": "tcp",
      "name": "http",
      "version": "",
      "product": "nginx",
      "extra_info": "",
      "tunnel": "",
      "softwares": [
        {
          "uri": "cpe:/a:igor_sysoev:nginx",
          "part": "a",
          "vendor": "igor_sysoev",
          "product": "nginx",
          "version": "ANY",
          "language": "ANY",
          "edition": "ANY",
          "update": "ANY"
        }
      ],
      "modules": {
        "http": {
          "body_murmur": 822858161,
          "body_sha256": "d7e2b49a96681e01978345b7c51e56f6c2d2a696084454bd96da614dd2a77f01",
          "component": [
            "Nginx"
          ],
          "content_length": -1,
          "favicon": {
            "md5_hash": "5701bff701ad9ad5d90b7cf0e45c1575",
            "murmur_hash": -707204506,
            "path": "http://39.105.150.174:9092/favicon.ico",
            "size": 4286
          },
          "headers": {
            "connection": [
              "keep-alive"
            ],
            "content_type": [
              "text/html"
            ],
            "date": [
              "Sat, 28 Jun 2025 20:10:18 GMT"
            ],
            "etag": [
              "W/\"67be74ac-6ae\""
            ],
            "last_modified": [
              "Wed, 26 Feb 2025 01:55:56 GMT"
            ],
            "server": [
              "nginx"
            ],
            "vary": [
              "Accept-Encoding"
            ]
          },
          "protocol": "HTTP/1.1",
          "status_code": 200,
          "title": "struggling",
          "transfer_encoding": [
            "chunked"
          ]
        }
      },
      "url": "http://39.105.150.174:9092/",
      "_meta": {
        "name": "",
        "desc": "",
        "category": ""
      },
      "last_updated_at": "2025-06-28T20:10:19.874Z"
    },
    {
      "port": 9093,
      "protocol": "tcp",
      "name": "http",
      "version": "",
      "product": "Apache Tomcat",
      "extra_info": "language: en",
      "tunnel": "",
      "softwares": [
        {
          "uri": "cpe:/a:apache:tomcat",
          "part": "a",
          "vendor": "apache",
          "product": "tomcat",
          "version": "ANY",
          "language": "ANY",
          "edition": "ANY",
          "update": "ANY"
        }
      ],
      "modules": {
        "http": {
          "body_murmur": -1242917558,
          "body_sha256": "7712e2a158569430e552a8999359757e0228accd54d9ee1e74a29f6d80c86e26",
          "content_length": -1,
          "favicon": {
            "md5_hash": "4644f2d45601037b8423d45e13194c93",
            "murmur_hash": -297069493,
            "path": "http://39.105.150.174:9093/favicon.ico",
            "size": 21630
          },
          "headers": {
            "content_type": [
              "text/html;charset=UTF-8"
            ],
            "date": [
              "Wed, 02 Jul 2025 13:57:21 GMT"
            ]
          },
          "protocol": "HTTP/1.1",
          "status_code": 200,
          "title": "Apache Tomcat/9.0.56",
          "transfer_encoding": [
            "chunked"
          ]
        }
      },
      "url": "http://39.105.150.174:9093/",
      "_meta": {
        "name": "",
        "desc": "",
        "category": ""
      },
      "last_updated_at": "2025-07-02T13:57:23.977Z"
    }
  ],
  "services_hash": "c04e435754ddad8eec7b8f4e37cd40283bff307212ae00d4fd661454c83d4d7f",
  "last_updated_at": "2025-07-04T05:01:12.685Z",
  "banner": [
    "http",
    "mysql",
    "tls"
  ],
  "is_vuln": true,
  "cveDetails": {
    "CVE-1999-0070": {
      "id": "CVE-1999-0070",
      "references": [
        "https://lists.apache.org/thread.html/rc5d27fc1e76dc5650e1a3f1db1de403120f4c2d041cb7352850455c2%40%3Cusers.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rc5d27fc1e76dc5650e1a3f1db1de403120f4c2d041cb7352850455c2%40%3Cusers.httpd.apache.org%3E"
      ],
      "score": 5,
      "services": [
        "8087/http"
      ],
      "severity": "medium",
      "summary": "test-cgi program allows an attacker to list files on the server.",
      "vector_string": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
      "weakness": "NVD-CWE-noinfo"
    },
    "CVE-1999-1199": {
      "id": "CVE-1999-1199",
      "references": [
        "http://marc.info/?l=bugtraq&m=90252779826784&w=2",
        "http://marc.info/?l=bugtraq&m=90276683825862&w=2",
        "http://marc.info/?l=bugtraq&m=90280517007869&w=2",
        "http://marc.info/?l=bugtraq&m=90286768232093&w=2",
        "http://www.redhat.com/support/errata/rh51-errata-general.html#apache",
        "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
        "http://marc.info/?l=bugtraq&m=90252779826784&w=2",
        "http://marc.info/?l=bugtraq&m=90276683825862&w=2",
        "http://marc.info/?l=bugtraq&m=90280517007869&w=2",
        "http://marc.info/?l=bugtraq&m=90286768232093&w=2",
        "http://www.redhat.com/support/errata/rh51-errata-general.html#apache",
        "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
      ],
      "score": 10,
      "services": [
        "8087/http"
      ],
      "severity": "high",
      "summary": "Apache WWW server 1.3.1 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via a large number of MIME headers with the same name, aka the \"sioux\" vulnerability.",
      "vector_string": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
      "weakness": "NVD-CWE-Other"
    },
    "CVE-2006-20001": {
      "id": "CVE-2006-20001",
      "references": [
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://security.gentoo.org/glsa/202309-01",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://security.gentoo.org/glsa/202309-01",
        "https://security.netapp.com/advisory/ntap-20230316-0005/"
      ],
      "score": 7.5,
      "services": [
        "2181/http"
      ],
      "severity": "high",
      "summary": "A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash.\n\nThis issue affects Apache HTTP Server 2.4.54 and earlier.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-787"
    },
    "CVE-2007-3205": {
      "id": "CVE-2007-3205",
      "references": [
        "http://osvdb.org/39834",
        "http://securityreason.com/securityalert/2800",
        "http://www.acid-root.new.fr/advisories/14070612.txt",
        "http://www.securityfocus.com/archive/1/471178/100/0/threaded",
        "http://www.securityfocus.com/archive/1/471204/100/0/threaded",
        "http://www.securityfocus.com/archive/1/471275/100/0/threaded",
        "https://exchange.xforce.ibmcloud.com/vulnerabilities/34836",
        "http://osvdb.org/39834",
        "http://securityreason.com/securityalert/2800",
        "http://www.acid-root.new.fr/advisories/14070612.txt",
        "http://www.securityfocus.com/archive/1/471178/100/0/threaded",
        "http://www.securityfocus.com/archive/1/471204/100/0/threaded",
        "http://www.securityfocus.com/archive/1/471275/100/0/threaded",
        "https://exchange.xforce.ibmcloud.com/vulnerabilities/34836"
      ],
      "score": 5,
      "services": [
        "443/http"
      ],
      "severity": "medium",
      "summary": "The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed.  NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.",
      "vector_string": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
      "weakness": "NVD-CWE-Other"
    },
    "CVE-2013-6501": {
      "id": "CVE-2013-6501",
      "references": [
        "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00003.html",
        "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
        "http://www.securityfocus.com/bid/72530",
        "https://bugzilla.redhat.com/show_bug.cgi?id=1009103",
        "https://security.gentoo.org/glsa/201606-10",
        "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00003.html",
        "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
        "http://www.securityfocus.com/bid/72530",
        "https://bugzilla.redhat.com/show_bug.cgi?id=1009103",
        "https://security.gentoo.org/glsa/201606-10"
      ],
      "score": 4.6,
      "services": [
        "443/http"
      ],
      "severity": "medium",
      "summary": "The default soap.wsdl_cache_dir setting in (1) php.ini-production and (2) php.ini-development in PHP through 5.6.7 specifies the /tmp directory, which makes it easier for local users to conduct WSDL injection attacks by creating a file under /tmp with a predictable filename that is used by the get_sdl function in ext/soap/php_sdl.c.",
      "vector_string": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
      "weakness": "CWE-74"
    },
    "CVE-2014-5459": {
      "id": "CVE-2014-5459",
      "references": [
        "http://lists.opensuse.org/opensuse-updates/2014-09/msg00024.html",
        "http://lists.opensuse.org/opensuse-updates/2014-09/msg00055.html",
        "http://www.openwall.com/lists/oss-security/2014/08/27/3",
        "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html",
        "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759282",
        "http://lists.opensuse.org/opensuse-updates/2014-09/msg00024.html",
        "http://lists.opensuse.org/opensuse-updates/2014-09/msg00055.html",
        "http://www.openwall.com/lists/oss-security/2014/08/27/3",
        "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html",
        "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759282"
      ],
      "score": 3.6,
      "services": [
        "443/http"
      ],
      "severity": "low",
      "summary": "The PEAR_REST class in REST.php in PEAR in PHP through 5.6.0 allows local users to write to arbitrary files via a symlink attack on a (1) rest.cachefile or (2) rest.cacheid file in /tmp/pear/cache/, related to the retrieveCacheFirst and useLocalCache functions.",
      "vector_string": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
      "weakness": "CWE-59"
    },
    "CVE-2014-9426": {
      "id": "CVE-2014-9426",
      "references": [
        "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=a72cd07f2983dc43a6bb35209dc4687852e53c09",
        "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=ef89ab2f99fbd9b7b714556d4f1f50644eb54191",
        "http://lists.opensuse.org/opensuse-updates/2015-02/msg00079.html",
        "https://bugs.php.net/bug.php?id=68665",
        "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=a72cd07f2983dc43a6bb35209dc4687852e53c09",
        "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=ef89ab2f99fbd9b7b714556d4f1f50644eb54191",
        "http://lists.opensuse.org/opensuse-updates/2015-02/msg00079.html",
        "https://bugs.php.net/bug.php?id=68665"
      ],
      "score": 7.3,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "The apprentice_load function in libmagic/apprentice.c in the Fileinfo component in PHP through 5.6.4 attempts to perform a free operation on a stack-based character array, which allows remote attackers to cause a denial of service (memory corruption or application crash) or possibly have unspecified other impact via unknown vectors.  NOTE: this is disputed by the vendor because the standard erealloc behavior makes the free operation unreachable",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
      "weakness": "CWE-17"
    },
    "CVE-2015-4601": {
      "id": "CVE-2015-4601",
      "references": [
        "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=0c136a2abd49298b66acb0cad504f0f972f5bfe8",
        "http://php.net/ChangeLog-5.php",
        "http://rhn.redhat.com/errata/RHSA-2015-1135.html",
        "http://rhn.redhat.com/errata/RHSA-2015-1218.html",
        "http://www.openwall.com/lists/oss-security/2015/06/16/12",
        "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
        "http://www.securityfocus.com/bid/75246",
        "http://www.securitytracker.com/id/1032709",
        "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=0c136a2abd49298b66acb0cad504f0f972f5bfe8",
        "http://php.net/ChangeLog-5.php",
        "http://rhn.redhat.com/errata/RHSA-2015-1135.html",
        "http://rhn.redhat.com/errata/RHSA-2015-1218.html",
        "http://www.openwall.com/lists/oss-security/2015/06/16/12",
        "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
        "http://www.securityfocus.com/bid/75246",
        "http://www.securitytracker.com/id/1032709"
      ],
      "score": 9.8,
      "services": [
        "443/http"
      ],
      "severity": "critical",
      "summary": "PHP before 5.6.7 might allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to \"type confusion\" issues in (1) ext/soap/php_encoding.c, (2) ext/soap/php_http.c, and (3) ext/soap/soap.c, a different issue than CVE-2015-4600.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "NVD-CWE-Other"
    },
    "CVE-2015-8874": {
      "id": "CVE-2015-8874",
      "references": [
        "http://lists.opensuse.org/opensuse-updates/2016-06/msg00027.html",
        "http://php.net/ChangeLog-5.php",
        "http://rhn.redhat.com/errata/RHSA-2016-2750.html",
        "http://www.debian.org/security/2016/dsa-3587",
        "http://www.ubuntu.com/usn/USN-2987-1",
        "https://bugs.php.net/bug.php?id=66387",
        "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731",
        "http://lists.opensuse.org/opensuse-updates/2016-06/msg00027.html",
        "http://php.net/ChangeLog-5.php",
        "http://rhn.redhat.com/errata/RHSA-2016-2750.html",
        "http://www.debian.org/security/2016/dsa-3587",
        "http://www.ubuntu.com/usn/USN-2987-1",
        "https://bugs.php.net/bug.php?id=66387",
        "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
      ],
      "score": 7.5,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial of service via a crafted imagefilltoborder call.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-119"
    },
    "CVE-2015-8877": {
      "id": "CVE-2015-8877",
      "references": [
        "http://rhn.redhat.com/errata/RHSA-2016-2750.html",
        "http://www.debian.org/security/2016/dsa-3587",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.ubuntu.com/usn/USN-2987-1",
        "https://bugs.php.net/bug.php?id=70064",
        "https://github.com/libgd/libgd/commit/4751b606fa38edc456d627140898a7ec679fcc24",
        "https://github.com/libgd/libgd/issues/173",
        "http://rhn.redhat.com/errata/RHSA-2016-2750.html",
        "http://www.debian.org/security/2016/dsa-3587",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.ubuntu.com/usn/USN-2987-1",
        "https://bugs.php.net/bug.php?id=70064",
        "https://github.com/libgd/libgd/commit/4751b606fa38edc456d627140898a7ec679fcc24",
        "https://github.com/libgd/libgd/issues/173"
      ],
      "score": 7.5,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a call to the PHP imagescale function.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-399"
    },
    "CVE-2015-8994": {
      "id": "CVE-2015-8994",
      "references": [
        "http://marc.info/?l=php-internals&m=147876797317925&w=2",
        "http://marc.info/?l=php-internals&m=147921016724565&w=2",
        "http://openwall.com/lists/oss-security/2017/02/28/1",
        "http://seclists.org/oss-sec/2016/q4/343",
        "http://seclists.org/oss-sec/2017/q1/520",
        "https://bugs.php.net/bug.php?id=69090",
        "https://ma.ttias.be/a-better-way-to-run-php-fpm/",
        "http://marc.info/?l=php-internals&m=147876797317925&w=2",
        "http://marc.info/?l=php-internals&m=147921016724565&w=2",
        "http://openwall.com/lists/oss-security/2017/02/28/1",
        "http://seclists.org/oss-sec/2016/q4/343",
        "http://seclists.org/oss-sec/2017/q1/520",
        "https://bugs.php.net/bug.php?id=69090",
        "https://ma.ttias.be/a-better-way-to-run-php-fpm/"
      ],
      "score": 7.5,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "An issue was discovered in PHP 5.x and 7.x, when the configuration uses apache2handler/mod_php or php-fpm with OpCache enabled. With 5.x after 5.6.28 or 7.x after 7.0.13, the issue is resolved in a non-default configuration with the opcache.validate_permission=1 setting. The vulnerability details are as follows. In PHP SAPIs where PHP interpreters share a common parent process, Zend OpCache creates a shared memory object owned by the common parent during initialization. Child PHP processes inherit the SHM descriptor, using it to cache and retrieve compiled script bytecode (\"opcode\" in PHP jargon). Cache keys vary depending on configuration, but filename is a central key component, and compiled opcode can generally be run if a script's filename is known or can be guessed. Many common shared-hosting configurations change EUID in child processes to enforce privilege separation among hosted users (for example using mod_ruid2 for the Apache HTTP Server, or php-fpm user settings). In these scenarios, the default Zend OpCache behavior defeats script file permissions by sharing a single SHM cache among all child PHP processes. PHP scripts often contain sensitive information: Think of CMS configurations where reading or running another user's script usually means gaining privileges to the CMS database.",
      "vector_string": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-264"
    },
    "CVE-2015-9253": {
      "id": "CVE-2015-9253",
      "references": [
        "https://bugs.php.net/bug.php?id=70185",
        "https://bugs.php.net/bug.php?id=73342https://github.com/php/php-src/pull/3287",
        "https://bugs.php.net/bug.php?id=75968",
        "https://github.com/php/php-src/blob/PHP-7.1.20/NEWS#L20-L22",
        "https://github.com/php/php-src/commit/69dee5c732fe982c82edb17d0dbc3e79a47748d8",
        "https://usn.ubuntu.com/3766-1/",
        "https://usn.ubuntu.com/4279-1/",
        "https://www.futureweb.at/security/CVE-2015-9253/",
        "https://bugs.php.net/bug.php?id=70185",
        "https://bugs.php.net/bug.php?id=73342https://github.com/php/php-src/pull/3287",
        "https://bugs.php.net/bug.php?id=75968",
        "https://github.com/php/php-src/blob/PHP-7.1.20/NEWS#L20-L22",
        "https://github.com/php/php-src/commit/69dee5c732fe982c82edb17d0dbc3e79a47748d8",
        "https://usn.ubuntu.com/3766-1/",
        "https://usn.ubuntu.com/4279-1/",
        "https://www.futureweb.at/security/CVE-2015-9253/"
      ],
      "score": 6.5,
      "services": [
        "443/http"
      ],
      "severity": "medium",
      "summary": "An issue was discovered in PHP 7.3.x before 7.3.0alpha3, 7.2.x before 7.2.8, and before 7.1.20. The php-fpm master process restarts a child process in an endless loop when using program execution functions (e.g., passthru, exec, shell_exec, or system) with a non-blocking STDIN stream, causing this master process to consume 100% of the CPU, and consume disk space with a large volume of error logs, as demonstrated by an attack by a customer of a shared-hosting facility.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-400"
    },
    "CVE-2016-10158": {
      "id": "CVE-2016-10158",
      "references": [
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.debian.org/security/2017/dsa-3783",
        "http://www.securityfocus.com/bid/95764",
        "http://www.securitytracker.com/id/1037659",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=73737",
        "https://github.com/php/php-src/commit/1cda0d7c2ffb62d8331c64e703131d9cabdc03ea",
        "https://security.gentoo.org/glsa/201702-29",
        "https://security.netapp.com/advisory/ntap-20180112-0001/",
        "https://www.tenable.com/security/tns-2017-04",
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.debian.org/security/2017/dsa-3783",
        "http://www.securityfocus.com/bid/95764",
        "http://www.securitytracker.com/id/1037659",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=73737",
        "https://github.com/php/php-src/commit/1cda0d7c2ffb62d8331c64e703131d9cabdc03ea",
        "https://security.gentoo.org/glsa/201702-29",
        "https://security.netapp.com/advisory/ntap-20180112-0001/",
        "https://www.tenable.com/security/tns-2017-04"
      ],
      "score": 7.5,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "The exif_convert_any_to_int function in ext/exif/exif.c in PHP before 5.6.30, 7.0.x before 7.0.15, and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (application crash) via crafted EXIF data that triggers an attempt to divide the minimum representable negative integer by -1.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-189"
    },
    "CVE-2016-10159": {
      "id": "CVE-2016-10159",
      "references": [
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.debian.org/security/2017/dsa-3783",
        "http://www.securityfocus.com/bid/95774",
        "http://www.securitytracker.com/id/1037659",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=73764",
        "https://github.com/php/php-src/commit/ca46d0acbce55019b970fcd4c1e8a10edfdded93",
        "https://security.gentoo.org/glsa/201702-29",
        "https://security.netapp.com/advisory/ntap-20180112-0001/",
        "https://www.tenable.com/security/tns-2017-04",
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.debian.org/security/2017/dsa-3783",
        "http://www.securityfocus.com/bid/95774",
        "http://www.securitytracker.com/id/1037659",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=73764",
        "https://github.com/php/php-src/commit/ca46d0acbce55019b970fcd4c1e8a10edfdded93",
        "https://security.gentoo.org/glsa/201702-29",
        "https://security.netapp.com/advisory/ntap-20180112-0001/",
        "https://www.tenable.com/security/tns-2017-04"
      ],
      "score": 7.5,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "Integer overflow in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory consumption or application crash) via a truncated manifest entry in a PHAR archive.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-190"
    },
    "CVE-2016-10161": {
      "id": "CVE-2016-10161",
      "references": [
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.debian.org/security/2017/dsa-3783",
        "http://www.securityfocus.com/bid/95768",
        "http://www.securitytracker.com/id/1037659",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=73825",
        "https://github.com/php/php-src/commit/16b3003ffc6393e250f069aa28a78dc5a2c064b2",
        "https://security.gentoo.org/glsa/201702-29",
        "https://security.netapp.com/advisory/ntap-20180112-0001/",
        "https://www.tenable.com/security/tns-2017-04",
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.debian.org/security/2017/dsa-3783",
        "http://www.securityfocus.com/bid/95768",
        "http://www.securitytracker.com/id/1037659",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=73825",
        "https://github.com/php/php-src/commit/16b3003ffc6393e250f069aa28a78dc5a2c064b2",
        "https://security.gentoo.org/glsa/201702-29",
        "https://security.netapp.com/advisory/ntap-20180112-0001/",
        "https://www.tenable.com/security/tns-2017-04"
      ],
      "score": 7.5,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "The object_common1 function in ext/standard/var_unserializer.c in PHP before 5.6.30, 7.0.x before 7.0.15, and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (buffer over-read and application crash) via crafted serialized data that is mishandled in a finish_nested_data call.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-125"
    },
    "CVE-2016-10397": {
      "id": "CVE-2016-10397",
      "references": [
        "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=b061fa909de77085d3822a89ab901b934d0362c4",
        "http://openwall.com/lists/oss-security/2017/07/10/6",
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/99552",
        "https://bugs.php.net/bug.php?id=73192",
        "https://security.netapp.com/advisory/ntap-20180112-0001/",
        "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=b061fa909de77085d3822a89ab901b934d0362c4",
        "http://openwall.com/lists/oss-security/2017/07/10/6",
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/99552",
        "https://bugs.php.net/bug.php?id=73192",
        "https://security.netapp.com/advisory/ntap-20180112-0001/"
      ],
      "score": 7.5,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "In PHP before 5.6.28 and 7.x before 7.0.13, incorrect handling of various URI components in the URL parser could be used by attackers to bypass hostname-specific URL checks, as demonstrated by evil.example.com:80#@good.example.com/ and evil.example.com:80?@good.example.com/ inputs to the parse_url function (implemented in the php_url_parse_ex function in ext/standard/url.c).",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "weakness": "CWE-20"
    },
    "CVE-2016-7124": {
      "id": "CVE-2016-7124",
      "references": [
        "http://openwall.com/lists/oss-security/2016/09/02/9",
        "http://rhn.redhat.com/errata/RHSA-2016-2750.html",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/92756",
        "http://www.securitytracker.com/id/1036680",
        "https://bugs.php.net/bug.php?id=72663",
        "https://github.com/php/php-src/commit/20ce2fe8e3c211a42fee05a461a5881be9a8790e?w=1",
        "https://security.gentoo.org/glsa/201611-22",
        "https://www.tenable.com/security/tns-2016-19",
        "http://openwall.com/lists/oss-security/2016/09/02/9",
        "http://rhn.redhat.com/errata/RHSA-2016-2750.html",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/92756",
        "http://www.securitytracker.com/id/1036680",
        "https://bugs.php.net/bug.php?id=72663",
        "https://github.com/php/php-src/commit/20ce2fe8e3c211a42fee05a461a5881be9a8790e?w=1",
        "https://security.gentoo.org/glsa/201611-22",
        "https://www.tenable.com/security/tns-2016-19"
      ],
      "score": 9.8,
      "services": [
        "443/http"
      ],
      "severity": "critical",
      "summary": "ext/standard/var_unserializer.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles certain invalid objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that leads to a (1) __destruct call or (2) magic method call.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-502"
    },
    "CVE-2016-7125": {
      "id": "CVE-2016-7125",
      "references": [
        "http://openwall.com/lists/oss-security/2016/09/02/9",
        "http://rhn.redhat.com/errata/RHSA-2016-2750.html",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/92552",
        "http://www.securitytracker.com/id/1036680",
        "https://bugs.php.net/bug.php?id=72681",
        "https://github.com/php/php-src/commit/8763c6090d627d8bb0ee1d030c30e58f406be9ce?w=1",
        "https://security.gentoo.org/glsa/201611-22",
        "https://www.tenable.com/security/tns-2016-19",
        "http://openwall.com/lists/oss-security/2016/09/02/9",
        "http://rhn.redhat.com/errata/RHSA-2016-2750.html",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/92552",
        "http://www.securitytracker.com/id/1036680",
        "https://bugs.php.net/bug.php?id=72681",
        "https://github.com/php/php-src/commit/8763c6090d627d8bb0ee1d030c30e58f406be9ce?w=1",
        "https://security.gentoo.org/glsa/201611-22",
        "https://www.tenable.com/security/tns-2016-19"
      ],
      "score": 7.5,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips invalid session names in a way that triggers incorrect parsing, which allows remote attackers to inject arbitrary-type session data by leveraging control of a session name, as demonstrated by object injection.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "weakness": "CWE-74"
    },
    "CVE-2016-7126": {
      "id": "CVE-2016-7126",
      "references": [
        "http://openwall.com/lists/oss-security/2016/09/02/9",
        "http://rhn.redhat.com/errata/RHSA-2016-2750.html",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/92755",
        "http://www.securitytracker.com/id/1036680",
        "https://bugs.php.net/bug.php?id=72697",
        "https://github.com/php/php-src/commit/28022c9b1fd937436ab67bb3d61f652c108baf96",
        "https://github.com/php/php-src/commit/b6f13a5ef9d6280cf984826a5de012a32c396cd4?w=1",
        "https://security.gentoo.org/glsa/201611-22",
        "https://www.tenable.com/security/tns-2016-19",
        "http://openwall.com/lists/oss-security/2016/09/02/9",
        "http://rhn.redhat.com/errata/RHSA-2016-2750.html",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/92755",
        "http://www.securitytracker.com/id/1036680",
        "https://bugs.php.net/bug.php?id=72697",
        "https://github.com/php/php-src/commit/28022c9b1fd937436ab67bb3d61f652c108baf96",
        "https://github.com/php/php-src/commit/b6f13a5ef9d6280cf984826a5de012a32c396cd4?w=1",
        "https://security.gentoo.org/glsa/201611-22",
        "https://www.tenable.com/security/tns-2016-19"
      ],
      "score": 9.8,
      "services": [
        "443/http"
      ],
      "severity": "critical",
      "summary": "The imagetruecolortopalette function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate the number of colors, which allows remote attackers to cause a denial of service (select_colors allocation error and out-of-bounds write) or possibly have unspecified other impact via a large value in the third argument.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-787"
    },
    "CVE-2016-7127": {
      "id": "CVE-2016-7127",
      "references": [
        "http://openwall.com/lists/oss-security/2016/09/02/9",
        "http://rhn.redhat.com/errata/RHSA-2016-2750.html",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/92757",
        "http://www.securitytracker.com/id/1036680",
        "https://bugs.php.net/bug.php?id=72730",
        "https://github.com/php/php-src/commit/1bd103df00f49cf4d4ade2cfe3f456ac058a4eae?w=1",
        "https://security.gentoo.org/glsa/201611-22",
        "https://www.tenable.com/security/tns-2016-19",
        "http://openwall.com/lists/oss-security/2016/09/02/9",
        "http://rhn.redhat.com/errata/RHSA-2016-2750.html",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/92757",
        "http://www.securitytracker.com/id/1036680",
        "https://bugs.php.net/bug.php?id=72730",
        "https://github.com/php/php-src/commit/1bd103df00f49cf4d4ade2cfe3f456ac058a4eae?w=1",
        "https://security.gentoo.org/glsa/201611-22",
        "https://www.tenable.com/security/tns-2016-19"
      ],
      "score": 9.8,
      "services": [
        "443/http"
      ],
      "severity": "critical",
      "summary": "The imagegammacorrect function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate gamma values, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by providing different signs for the second and third arguments.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-787"
    },
    "CVE-2016-7128": {
      "id": "CVE-2016-7128",
      "references": [
        "http://openwall.com/lists/oss-security/2016/09/02/9",
        "http://rhn.redhat.com/errata/RHSA-2016-2750.html",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/92564",
        "http://www.securitytracker.com/id/1036680",
        "https://bugs.php.net/bug.php?id=72627",
        "https://github.com/php/php-src/commit/6dbb1ee46b5f4725cc6519abf91e512a2a10dfed?w=1",
        "https://security.gentoo.org/glsa/201611-22",
        "https://www.tenable.com/security/tns-2016-19",
        "http://openwall.com/lists/oss-security/2016/09/02/9",
        "http://rhn.redhat.com/errata/RHSA-2016-2750.html",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/92564",
        "http://www.securitytracker.com/id/1036680",
        "https://bugs.php.net/bug.php?id=72627",
        "https://github.com/php/php-src/commit/6dbb1ee46b5f4725cc6519abf91e512a2a10dfed?w=1",
        "https://security.gentoo.org/glsa/201611-22",
        "https://www.tenable.com/security/tns-2016-19"
      ],
      "score": 5.3,
      "services": [
        "443/http"
      ],
      "severity": "medium",
      "summary": "The exif_process_IFD_in_TIFF function in ext/exif/exif.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles the case of a thumbnail offset that exceeds the file size, which allows remote attackers to obtain sensitive information from process memory via a crafted TIFF image.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "weakness": "CWE-200"
    },
    "CVE-2016-7129": {
      "id": "CVE-2016-7129",
      "references": [
        "http://openwall.com/lists/oss-security/2016/09/02/9",
        "http://rhn.redhat.com/errata/RHSA-2016-2750.html",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/92758",
        "http://www.securitytracker.com/id/1036680",
        "https://bugs.php.net/bug.php?id=72749",
        "https://github.com/php/php-src/commit/426aeb2808955ee3d3f52e0cfb102834cdb836a5?w=1",
        "https://security.gentoo.org/glsa/201611-22",
        "https://www.tenable.com/security/tns-2016-19",
        "http://openwall.com/lists/oss-security/2016/09/02/9",
        "http://rhn.redhat.com/errata/RHSA-2016-2750.html",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/92758",
        "http://www.securitytracker.com/id/1036680",
        "https://bugs.php.net/bug.php?id=72749",
        "https://github.com/php/php-src/commit/426aeb2808955ee3d3f52e0cfb102834cdb836a5?w=1",
        "https://security.gentoo.org/glsa/201611-22",
        "https://www.tenable.com/security/tns-2016-19"
      ],
      "score": 9.8,
      "services": [
        "443/http"
      ],
      "severity": "critical",
      "summary": "The php_wddx_process_data function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via an invalid ISO 8601 time value, as demonstrated by a wddx_deserialize call that mishandles a dateTime element in a wddxPacket XML document.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-20"
    },
    "CVE-2016-7130": {
      "id": "CVE-2016-7130",
      "references": [
        "http://openwall.com/lists/oss-security/2016/09/02/9",
        "http://rhn.redhat.com/errata/RHSA-2016-2750.html",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/92764",
        "http://www.securitytracker.com/id/1036680",
        "https://bugs.php.net/bug.php?id=72750",
        "https://github.com/php/php-src/commit/698a691724c0a949295991e5df091ce16f899e02?w=1",
        "https://security.gentoo.org/glsa/201611-22",
        "https://www.tenable.com/security/tns-2016-19",
        "http://openwall.com/lists/oss-security/2016/09/02/9",
        "http://rhn.redhat.com/errata/RHSA-2016-2750.html",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/92764",
        "http://www.securitytracker.com/id/1036680",
        "https://bugs.php.net/bug.php?id=72750",
        "https://github.com/php/php-src/commit/698a691724c0a949295991e5df091ce16f899e02?w=1",
        "https://security.gentoo.org/glsa/201611-22",
        "https://www.tenable.com/security/tns-2016-19"
      ],
      "score": 7.5,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "The php_wddx_pop_element function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via an invalid base64 binary value, as demonstrated by a wddx_deserialize call that mishandles a binary element in a wddxPacket XML document.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-476"
    },
    "CVE-2016-7131": {
      "id": "CVE-2016-7131",
      "references": [
        "http://openwall.com/lists/oss-security/2016/09/02/9",
        "http://rhn.redhat.com/errata/RHSA-2016-2750.html",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/92768",
        "http://www.securitytracker.com/id/1036680",
        "https://bugs.php.net/bug.php?id=72790",
        "https://github.com/php/php-src/commit/0c8a2a2cd1056b7dc403eacb5d2c0eec6ce47c6f",
        "https://github.com/php/php-src/commit/a14fdb9746262549bbbb96abb87338bacd147e1b?w=1",
        "https://security.gentoo.org/glsa/201611-22",
        "https://www.tenable.com/security/tns-2016-19",
        "http://openwall.com/lists/oss-security/2016/09/02/9",
        "http://rhn.redhat.com/errata/RHSA-2016-2750.html",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/92768",
        "http://www.securitytracker.com/id/1036680",
        "https://bugs.php.net/bug.php?id=72790",
        "https://github.com/php/php-src/commit/0c8a2a2cd1056b7dc403eacb5d2c0eec6ce47c6f",
        "https://github.com/php/php-src/commit/a14fdb9746262549bbbb96abb87338bacd147e1b?w=1",
        "https://security.gentoo.org/glsa/201611-22",
        "https://www.tenable.com/security/tns-2016-19"
      ],
      "score": 7.5,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via a malformed wddxPacket XML document that is mishandled in a wddx_deserialize call, as demonstrated by a tag that lacks a < (less than) character.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-476"
    },
    "CVE-2016-7132": {
      "id": "CVE-2016-7132",
      "references": [
        "http://openwall.com/lists/oss-security/2016/09/02/9",
        "http://rhn.redhat.com/errata/RHSA-2016-2750.html",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/92767",
        "http://www.securitytracker.com/id/1036680",
        "https://bugs.php.net/bug.php?id=72799",
        "https://github.com/php/php-src/commit/0c8a2a2cd1056b7dc403eacb5d2c0eec6ce47c6f",
        "https://github.com/php/php-src/commit/a14fdb9746262549bbbb96abb87338bacd147e1b?w=1",
        "https://security.gentoo.org/glsa/201611-22",
        "https://www.tenable.com/security/tns-2016-19",
        "http://openwall.com/lists/oss-security/2016/09/02/9",
        "http://rhn.redhat.com/errata/RHSA-2016-2750.html",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/92767",
        "http://www.securitytracker.com/id/1036680",
        "https://bugs.php.net/bug.php?id=72799",
        "https://github.com/php/php-src/commit/0c8a2a2cd1056b7dc403eacb5d2c0eec6ce47c6f",
        "https://github.com/php/php-src/commit/a14fdb9746262549bbbb96abb87338bacd147e1b?w=1",
        "https://security.gentoo.org/glsa/201611-22",
        "https://www.tenable.com/security/tns-2016-19"
      ],
      "score": 7.5,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via an invalid wddxPacket XML document that is mishandled in a wddx_deserialize call, as demonstrated by a stray element inside a boolean element, leading to incorrect pop processing.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-476"
    },
    "CVE-2016-7411": {
      "id": "CVE-2016-7411",
      "references": [
        "http://www.openwall.com/lists/oss-security/2016/09/15/10",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.securityfocus.com/bid/93009",
        "http://www.securitytracker.com/id/1036836",
        "https://bugs.php.net/bug.php?id=73052",
        "https://github.com/php/php-src/commit/6a7cc8ff85827fa9ac715b3a83c2d9147f33cd43?w=1",
        "https://security.gentoo.org/glsa/201611-22",
        "http://www.openwall.com/lists/oss-security/2016/09/15/10",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.securityfocus.com/bid/93009",
        "http://www.securitytracker.com/id/1036836",
        "https://bugs.php.net/bug.php?id=73052",
        "https://github.com/php/php-src/commit/6a7cc8ff85827fa9ac715b3a83c2d9147f33cd43?w=1",
        "https://security.gentoo.org/glsa/201611-22"
      ],
      "score": 9.8,
      "services": [
        "443/http"
      ],
      "severity": "critical",
      "summary": "ext/standard/var_unserializer.re in PHP before 5.6.26 mishandles object-deserialization failures, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an unserialize call that references a partially constructed object.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-119"
    },
    "CVE-2016-7412": {
      "id": "CVE-2016-7412",
      "references": [
        "http://www.openwall.com/lists/oss-security/2016/09/15/10",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/93005",
        "http://www.securitytracker.com/id/1036836",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=72293",
        "https://github.com/php/php-src/commit/28f80baf3c53e267c9ce46a2a0fadbb981585132?w=1",
        "https://security.gentoo.org/glsa/201611-22",
        "https://www.tenable.com/security/tns-2016-19",
        "http://www.openwall.com/lists/oss-security/2016/09/15/10",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/93005",
        "http://www.securitytracker.com/id/1036836",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=72293",
        "https://github.com/php/php-src/commit/28f80baf3c53e267c9ce46a2a0fadbb981585132?w=1",
        "https://security.gentoo.org/glsa/201611-22",
        "https://www.tenable.com/security/tns-2016-19"
      ],
      "score": 8.1,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag, which allows remote MySQL servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted field metadata.",
      "vector_string": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-119"
    },
    "CVE-2016-7413": {
      "id": "CVE-2016-7413",
      "references": [
        "http://www.openwall.com/lists/oss-security/2016/09/15/10",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/93006",
        "http://www.securitytracker.com/id/1036836",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=72860",
        "https://github.com/php/php-src/commit/b88393f08a558eec14964a55d3c680fe67407712?w=1",
        "https://security.gentoo.org/glsa/201611-22",
        "https://www.tenable.com/security/tns-2016-19",
        "http://www.openwall.com/lists/oss-security/2016/09/15/10",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/93006",
        "http://www.securitytracker.com/id/1036836",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=72860",
        "https://github.com/php/php-src/commit/b88393f08a558eec14964a55d3c680fe67407712?w=1",
        "https://security.gentoo.org/glsa/201611-22",
        "https://www.tenable.com/security/tns-2016-19"
      ],
      "score": 9.8,
      "services": [
        "443/http"
      ],
      "severity": "critical",
      "summary": "Use-after-free vulnerability in the wddx_stack_destroy function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a wddxPacket XML document that lacks an end-tag for a recordset field element, leading to mishandling in a wddx_deserialize call.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-416"
    },
    "CVE-2016-7414": {
      "id": "CVE-2016-7414",
      "references": [
        "http://www.openwall.com/lists/oss-security/2016/09/15/10",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/93004",
        "http://www.securitytracker.com/id/1036836",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=72928",
        "https://github.com/php/php-src/commit/0bfb970f43acd1e81d11be1154805f86655f15d5?w=1",
        "https://security.gentoo.org/glsa/201611-22",
        "https://www.tenable.com/security/tns-2016-19",
        "http://www.openwall.com/lists/oss-security/2016/09/15/10",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/93004",
        "http://www.securitytracker.com/id/1036836",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=72928",
        "https://github.com/php/php-src/commit/0bfb970f43acd1e81d11be1154805f86655f15d5?w=1",
        "https://security.gentoo.org/glsa/201611-22",
        "https://www.tenable.com/security/tns-2016-19"
      ],
      "score": 9.8,
      "services": [
        "443/http"
      ],
      "severity": "critical",
      "summary": "The ZIP signature-verification feature in PHP before 5.6.26 and 7.x before 7.0.11 does not ensure that the uncompressed_filesize field is large enough, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via a crafted PHAR archive, related to ext/phar/util.c and ext/phar/zip.c.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-119"
    },
    "CVE-2016-7416": {
      "id": "CVE-2016-7416",
      "references": [
        "http://www.openwall.com/lists/oss-security/2016/09/15/10",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/93008",
        "http://www.securitytracker.com/id/1036836",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=73007",
        "https://github.com/php/php-src/commit/6d55ba265637d6adf0ba7e9c9ef11187d1ec2f5b?w=1",
        "https://security.gentoo.org/glsa/201611-22",
        "https://www.tenable.com/security/tns-2016-19",
        "http://www.openwall.com/lists/oss-security/2016/09/15/10",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/93008",
        "http://www.securitytracker.com/id/1036836",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=73007",
        "https://github.com/php/php-src/commit/6d55ba265637d6adf0ba7e9c9ef11187d1ec2f5b?w=1",
        "https://security.gentoo.org/glsa/201611-22",
        "https://www.tenable.com/security/tns-2016-19"
      ],
      "score": 7.5,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "ext/intl/msgformat/msgformat_format.c in PHP before 5.6.26 and 7.x before 7.0.11 does not properly restrict the locale length provided to the Locale class in the ICU library, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a MessageFormatter::formatMessage call with a long first argument.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-119"
    },
    "CVE-2016-7417": {
      "id": "CVE-2016-7417",
      "references": [
        "http://www.openwall.com/lists/oss-security/2016/09/15/10",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/93007",
        "http://www.securitytracker.com/id/1036836",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=73029",
        "https://github.com/php/php-src/commit/ecb7f58a069be0dec4a6131b6351a761f808f22e?w=1",
        "https://security.gentoo.org/glsa/201611-22",
        "https://www.tenable.com/security/tns-2016-19",
        "http://www.openwall.com/lists/oss-security/2016/09/15/10",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/93007",
        "http://www.securitytracker.com/id/1036836",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=73029",
        "https://github.com/php/php-src/commit/ecb7f58a069be0dec4a6131b6351a761f808f22e?w=1",
        "https://security.gentoo.org/glsa/201611-22",
        "https://www.tenable.com/security/tns-2016-19"
      ],
      "score": 9.8,
      "services": [
        "443/http"
      ],
      "severity": "critical",
      "summary": "ext/spl/spl_array.c in PHP before 5.6.26 and 7.x before 7.0.11 proceeds with SplArray unserialization without validating a return value and data type, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-20"
    },
    "CVE-2016-7418": {
      "id": "CVE-2016-7418",
      "references": [
        "http://www.openwall.com/lists/oss-security/2016/09/15/10",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/93011",
        "http://www.securitytracker.com/id/1036836",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=73065",
        "https://github.com/php/php-src/commit/c4cca4c20e75359c9a13a1f9a36cb7b4e9601d29?w=1",
        "https://security.gentoo.org/glsa/201611-22",
        "https://www.tenable.com/security/tns-2016-19",
        "http://www.openwall.com/lists/oss-security/2016/09/15/10",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/93011",
        "http://www.securitytracker.com/id/1036836",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=73065",
        "https://github.com/php/php-src/commit/c4cca4c20e75359c9a13a1f9a36cb7b4e9601d29?w=1",
        "https://security.gentoo.org/glsa/201611-22",
        "https://www.tenable.com/security/tns-2016-19"
      ],
      "score": 7.5,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "The php_wddx_push_element function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service (invalid pointer access and out-of-bounds read) or possibly have unspecified other impact via an incorrect boolean element in a wddxPacket XML document, leading to mishandling in a wddx_deserialize call.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-119"
    },
    "CVE-2016-9137": {
      "id": "CVE-2016-9137",
      "references": [
        "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=0e6fe3a4c96be2d3e88389a5776f878021b4c59f",
        "http://www.debian.org/security/2016/dsa-3698",
        "http://www.openwall.com/lists/oss-security/2016/11/01/2",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/93577",
        "https://bugs.php.net/bug.php?id=73147",
        "https://www.tenable.com/security/tns-2016-19",
        "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=0e6fe3a4c96be2d3e88389a5776f878021b4c59f",
        "http://www.debian.org/security/2016/dsa-3698",
        "http://www.openwall.com/lists/oss-security/2016/11/01/2",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/93577",
        "https://bugs.php.net/bug.php?id=73147",
        "https://www.tenable.com/security/tns-2016-19"
      ],
      "score": 9.8,
      "services": [
        "443/http"
      ],
      "severity": "critical",
      "summary": "Use-after-free vulnerability in the CURLFile implementation in ext/curl/curl_file.c in PHP before 5.6.27 and 7.x before 7.0.12 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that is mishandled during __wakeup processing.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-416"
    },
    "CVE-2016-9138": {
      "id": "CVE-2016-9138",
      "references": [
        "http://www.openwall.com/lists/oss-security/2016/11/01/2",
        "http://www.securityfocus.com/bid/95268",
        "https://bugs.php.net/bug.php?id=73147",
        "http://www.openwall.com/lists/oss-security/2016/11/01/2",
        "http://www.securityfocus.com/bid/95268",
        "https://bugs.php.net/bug.php?id=73147"
      ],
      "score": 9.8,
      "services": [
        "443/http"
      ],
      "severity": "critical",
      "summary": "PHP through 5.6.27 and 7.x through 7.0.12 mishandles property modification during __wakeup processing, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data, as demonstrated by Exception::__toString with DateInterval::__wakeup.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-416"
    },
    "CVE-2016-9934": {
      "id": "CVE-2016-9934",
      "references": [
        "http://lists.opensuse.org/opensuse-updates/2016-12/msg00142.html",
        "http://lists.opensuse.org/opensuse-updates/2017-01/msg00034.html",
        "http://lists.opensuse.org/opensuse-updates/2017-01/msg00054.html",
        "http://www.openwall.com/lists/oss-security/2016/12/12/2",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/94845",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=73331",
        "https://github.com/php/php-src/commit/6045de69c7dedcba3eadf7c4bba424b19c81d00d",
        "http://lists.opensuse.org/opensuse-updates/2016-12/msg00142.html",
        "http://lists.opensuse.org/opensuse-updates/2017-01/msg00034.html",
        "http://lists.opensuse.org/opensuse-updates/2017-01/msg00054.html",
        "http://www.openwall.com/lists/oss-security/2016/12/12/2",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/94845",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=73331",
        "https://github.com/php/php-src/commit/6045de69c7dedcba3eadf7c4bba424b19c81d00d"
      ],
      "score": 7.5,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "ext/wddx/wddx.c in PHP before 5.6.28 and 7.x before 7.0.13 allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted serialized data in a wddxPacket XML document, as demonstrated by a PDORow string.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-476"
    },
    "CVE-2016-9935": {
      "id": "CVE-2016-9935",
      "references": [
        "http://lists.opensuse.org/opensuse-updates/2016-12/msg00142.html",
        "http://lists.opensuse.org/opensuse-updates/2017-01/msg00034.html",
        "http://lists.opensuse.org/opensuse-updates/2017-01/msg00054.html",
        "http://www.debian.org/security/2016/dsa-3737",
        "http://www.openwall.com/lists/oss-security/2016/12/12/2",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/94846",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=73631",
        "https://github.com/php/php-src/commit/66fd44209d5ffcb9b3d1bc1b9fd8e35b485040c0",
        "https://security.gentoo.org/glsa/201702-29",
        "http://lists.opensuse.org/opensuse-updates/2016-12/msg00142.html",
        "http://lists.opensuse.org/opensuse-updates/2017-01/msg00034.html",
        "http://lists.opensuse.org/opensuse-updates/2017-01/msg00054.html",
        "http://www.debian.org/security/2016/dsa-3737",
        "http://www.openwall.com/lists/oss-security/2016/12/12/2",
        "http://www.php.net/ChangeLog-5.php",
        "http://www.php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/94846",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=73631",
        "https://github.com/php/php-src/commit/66fd44209d5ffcb9b3d1bc1b9fd8e35b485040c0",
        "https://security.gentoo.org/glsa/201702-29"
      ],
      "score": 9.8,
      "services": [
        "443/http"
      ],
      "severity": "critical",
      "summary": "The php_wddx_push_element function in ext/wddx/wddx.c in PHP before 5.6.29 and 7.x before 7.0.14 allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) or possibly have unspecified other impact via an empty boolean element in a wddxPacket XML document.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-125"
    },
    "CVE-2017-11142": {
      "id": "CVE-2017-11142",
      "references": [
        "http://openwall.com/lists/oss-security/2017/07/10/6",
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/99601",
        "https://bugs.php.net/bug.php?id=73807",
        "https://github.com/php/php-src/commit/0f8cf3b8497dc45c010c44ed9e96518e11e19fc3",
        "https://github.com/php/php-src/commit/a15bffd105ac28fd0dd9b596632dbf035238fda3",
        "https://security.netapp.com/advisory/ntap-20180112-0001/",
        "https://www.debian.org/security/2018/dsa-4081",
        "https://www.tenable.com/security/tns-2017-12",
        "http://openwall.com/lists/oss-security/2017/07/10/6",
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/99601",
        "https://bugs.php.net/bug.php?id=73807",
        "https://github.com/php/php-src/commit/0f8cf3b8497dc45c010c44ed9e96518e11e19fc3",
        "https://github.com/php/php-src/commit/a15bffd105ac28fd0dd9b596632dbf035238fda3",
        "https://security.netapp.com/advisory/ntap-20180112-0001/",
        "https://www.debian.org/security/2018/dsa-4081",
        "https://www.tenable.com/security/tns-2017-12"
      ],
      "score": 7.5,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "In PHP before 5.6.31, 7.x before 7.0.17, and 7.1.x before 7.1.3, remote attackers could cause a CPU consumption denial of service attack by injecting long form variables, related to main/php_variables.c.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-400"
    },
    "CVE-2017-11143": {
      "id": "CVE-2017-11143",
      "references": [
        "http://openwall.com/lists/oss-security/2017/07/10/6",
        "http://php.net/ChangeLog-5.php",
        "http://www.securityfocus.com/bid/99553",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=74145",
        "https://git.php.net/?p=php-src.git%3Ba=commit%3Bh=2aae60461c2ff7b7fbcdd194c789ac841d0747d7",
        "https://security.netapp.com/advisory/ntap-20180112-0001/",
        "https://www.debian.org/security/2018/dsa-4081",
        "https://www.tenable.com/security/tns-2017-12",
        "http://openwall.com/lists/oss-security/2017/07/10/6",
        "http://php.net/ChangeLog-5.php",
        "http://www.securityfocus.com/bid/99553",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=74145",
        "https://git.php.net/?p=php-src.git%3Ba=commit%3Bh=2aae60461c2ff7b7fbcdd194c789ac841d0747d7",
        "https://security.netapp.com/advisory/ntap-20180112-0001/",
        "https://www.debian.org/security/2018/dsa-4081",
        "https://www.tenable.com/security/tns-2017-12"
      ],
      "score": 7.5,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "In PHP before 5.6.31, an invalid free in the WDDX deserialization of boolean parameters could be used by attackers able to inject XML for deserialization to crash the PHP interpreter, related to an invalid free for an empty boolean element in ext/wddx/wddx.c.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-416"
    },
    "CVE-2017-11144": {
      "id": "CVE-2017-11144",
      "references": [
        "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=73cabfedf519298e1a11192699f44d53c529315e",
        "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=89637c6b41b510c20d262c17483f582f115c66d6",
        "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=91826a311dd37f4c4e5d605fa7af331e80ddd4c3",
        "http://openwall.com/lists/oss-security/2017/07/10/6",
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=74651",
        "https://security.netapp.com/advisory/ntap-20180112-0001/",
        "https://www.debian.org/security/2018/dsa-4080",
        "https://www.debian.org/security/2018/dsa-4081",
        "https://www.tenable.com/security/tns-2017-12",
        "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=73cabfedf519298e1a11192699f44d53c529315e",
        "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=89637c6b41b510c20d262c17483f582f115c66d6",
        "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=91826a311dd37f4c4e5d605fa7af331e80ddd4c3",
        "http://openwall.com/lists/oss-security/2017/07/10/6",
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=74651",
        "https://security.netapp.com/advisory/ntap-20180112-0001/",
        "https://www.debian.org/security/2018/dsa-4080",
        "https://www.debian.org/security/2018/dsa-4081",
        "https://www.tenable.com/security/tns-2017-12"
      ],
      "score": 7.5,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, the openssl extension PEM sealing code did not check the return value of the OpenSSL sealing function, which could lead to a crash of the PHP interpreter, related to an interpretation conflict for a negative number in ext/openssl/openssl.c, and an OpenSSL documentation omission.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-754"
    },
    "CVE-2017-11145": {
      "id": "CVE-2017-11145",
      "references": [
        "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=e8b7698f5ee757ce2c8bd10a192a491a498f891c",
        "http://openwall.com/lists/oss-security/2017/07/10/6",
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/99550",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=74819",
        "https://gist.github.com/anonymous/bd77ac90d3bdf31ce2a5251ad92e9e75",
        "https://security.netapp.com/advisory/ntap-20180112-0001/",
        "https://www.debian.org/security/2018/dsa-4080",
        "https://www.debian.org/security/2018/dsa-4081",
        "https://www.tenable.com/security/tns-2017-12",
        "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=e8b7698f5ee757ce2c8bd10a192a491a498f891c",
        "http://openwall.com/lists/oss-security/2017/07/10/6",
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/99550",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=74819",
        "https://gist.github.com/anonymous/bd77ac90d3bdf31ce2a5251ad92e9e75",
        "https://security.netapp.com/advisory/ntap-20180112-0001/",
        "https://www.debian.org/security/2018/dsa-4080",
        "https://www.debian.org/security/2018/dsa-4081",
        "https://www.tenable.com/security/tns-2017-12"
      ],
      "score": 7.5,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, an error in the date extension's timelib_meridian parsing code could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parse_date.c out-of-bounds reads affecting the php_parse_date function. NOTE: the correct fix is in the e8b7698f5ee757ce2c8bd10a192a491a498f891c commit, not the bd77ac90d3bdf31ce2a5251ad92e9e75 gist.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "weakness": "CWE-200"
    },
    "CVE-2017-11147": {
      "id": "CVE-2017-11147",
      "references": [
        "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=e5246580a85f031e1a3b8064edbaa55c1643a451",
        "http://openwall.com/lists/oss-security/2017/07/10/6",
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/99607",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=73773",
        "https://security.netapp.com/advisory/ntap-20180112-0001/",
        "https://www.tenable.com/security/tns-2017-12",
        "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=e5246580a85f031e1a3b8064edbaa55c1643a451",
        "http://openwall.com/lists/oss-security/2017/07/10/6",
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/99607",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=73773",
        "https://security.netapp.com/advisory/ntap-20180112-0001/",
        "https://www.tenable.com/security/tns-2017-12"
      ],
      "score": 9.1,
      "services": [
        "443/http"
      ],
      "severity": "critical",
      "summary": "In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler could be used by attackers supplying malicious archive files to crash the PHP interpreter or potentially disclose information due to a buffer over-read in the phar_parse_pharfile function in ext/phar/phar.c.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
      "weakness": "CWE-125"
    },
    "CVE-2017-11628": {
      "id": "CVE-2017-11628",
      "references": [
        "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=05255749139b3686c8a6a58ee01131ac0047465e",
        "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=5f8380d33e648964d2d5140f329cf2d4c443033c",
        "http://www.securityfocus.com/bid/99489",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=74603",
        "https://security.gentoo.org/glsa/201709-21",
        "https://security.netapp.com/advisory/ntap-20180112-0001/",
        "https://www.debian.org/security/2018/dsa-4080",
        "https://www.debian.org/security/2018/dsa-4081",
        "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=05255749139b3686c8a6a58ee01131ac0047465e",
        "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=5f8380d33e648964d2d5140f329cf2d4c443033c",
        "http://www.securityfocus.com/bid/99489",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=74603",
        "https://security.gentoo.org/glsa/201709-21",
        "https://security.netapp.com/advisory/ntap-20180112-0001/",
        "https://www.debian.org/security/2018/dsa-4080",
        "https://www.debian.org/security/2018/dsa-4081"
      ],
      "score": 7.8,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, a stack-based buffer overflow in the zend_ini_do_op() function in Zend/zend_ini_parser.c could cause a denial of service or potentially allow executing code. NOTE: this is only relevant for PHP applications that accept untrusted input (instead of the system's php.ini file) for the parse_ini_string or parse_ini_file function, e.g., a web application for syntax validation of php.ini directives.",
      "vector_string": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "weakness": "CWE-119"
    },
    "CVE-2017-12933": {
      "id": "CVE-2017-12933",
      "references": [
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/99490",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=74111",
        "https://usn.ubuntu.com/3566-1/",
        "https://usn.ubuntu.com/3566-2/",
        "https://www.debian.org/security/2018/dsa-4080",
        "https://www.debian.org/security/2018/dsa-4081",
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/99490",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=74111",
        "https://usn.ubuntu.com/3566-1/",
        "https://usn.ubuntu.com/3566-2/",
        "https://www.debian.org/security/2018/dsa-4080",
        "https://www.debian.org/security/2018/dsa-4081"
      ],
      "score": 9.8,
      "services": [
        "443/http"
      ],
      "severity": "critical",
      "summary": "The finish_nested_data function in ext/standard/var_unserializer.re in PHP before 5.6.31, 7.0.x before 7.0.21, and 7.1.x before 7.1.7 is prone to a buffer over-read while unserializing untrusted data. Exploitation of this issue can have an unspecified impact on the integrity of PHP.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-125"
    },
    "CVE-2017-16642": {
      "id": "CVE-2017-16642",
      "references": [
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/101745",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://bugs.php.net/bug.php?id=75055",
        "https://github.com/derickr/timelib/commit/aa9156006e88565e1f1a5f7cc088b18322d57536",
        "https://github.com/php/php-src/commit/5c0455bf2c8cd3c25401407f158e820aa3b239e1",
        "https://security.netapp.com/advisory/ntap-20181123-0001/",
        "https://usn.ubuntu.com/3566-1/",
        "https://www.debian.org/security/2018/dsa-4080",
        "https://www.debian.org/security/2018/dsa-4081",
        "https://www.exploit-db.com/exploits/43133/",
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/101745",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://bugs.php.net/bug.php?id=75055",
        "https://github.com/derickr/timelib/commit/aa9156006e88565e1f1a5f7cc088b18322d57536",
        "https://github.com/php/php-src/commit/5c0455bf2c8cd3c25401407f158e820aa3b239e1",
        "https://security.netapp.com/advisory/ntap-20181123-0001/",
        "https://usn.ubuntu.com/3566-1/",
        "https://www.debian.org/security/2018/dsa-4080",
        "https://www.debian.org/security/2018/dsa-4081",
        "https://www.exploit-db.com/exploits/43133/"
      ],
      "score": 7.5,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an error in the date extension's timelib_meridian handling of 'front of' and 'back of' directives could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parse_date.c out-of-bounds reads affecting the php_parse_date function. NOTE: this is a different issue than CVE-2017-11145.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "weakness": "CWE-125"
    },
    "CVE-2017-7272": {
      "id": "CVE-2017-7272",
      "references": [
        "http://www.securityfocus.com/bid/97178",
        "http://www.securitytracker.com/id/1038158",
        "https://bugs.php.net/bug.php?id=74216",
        "https://bugs.php.net/bug.php?id=75505",
        "https://github.com/php/php-src/commit/bab0b99f376dac9170ac81382a5ed526938d595a",
        "https://security.netapp.com/advisory/ntap-20180112-0001/",
        "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20170403-0_PHP_Misbehavior_of_fsockopen_function_v10.txt",
        "http://www.securityfocus.com/bid/97178",
        "http://www.securitytracker.com/id/1038158",
        "https://bugs.php.net/bug.php?id=74216",
        "https://bugs.php.net/bug.php?id=75505",
        "https://github.com/php/php-src/commit/bab0b99f376dac9170ac81382a5ed526938d595a",
        "https://security.netapp.com/advisory/ntap-20180112-0001/",
        "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20170403-0_PHP_Misbehavior_of_fsockopen_function_v10.txt"
      ],
      "score": 7.4,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "PHP through 7.1.11 enables potential SSRF in applications that accept an fsockopen or pfsockopen hostname argument with an expectation that the port number is constrained. Because a :port syntax is recognized, fsockopen will use the port number that is specified in the hostname argument, instead of the port number in the second argument of the function.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N",
      "weakness": "CWE-918"
    },
    "CVE-2017-7890": {
      "id": "CVE-2017-7890",
      "references": [
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.debian.org/security/2017/dsa-3938",
        "http://www.securityfocus.com/bid/99492",
        "https://access.redhat.com/errata/RHSA-2018:0406",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=74435",
        "https://bugs.php.net/patch-display.php?bug=74435&patch=fix-74435-php-7.0&revision=1497970038",
        "https://security.netapp.com/advisory/ntap-20180112-0001/",
        "https://www.tenable.com/security/tns-2017-12",
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.debian.org/security/2017/dsa-3938",
        "http://www.securityfocus.com/bid/99492",
        "https://access.redhat.com/errata/RHSA-2018:0406",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://bugs.php.net/bug.php?id=74435",
        "https://bugs.php.net/patch-display.php?bug=74435&patch=fix-74435-php-7.0&revision=1497970038",
        "https://security.netapp.com/advisory/ntap-20180112-0001/",
        "https://www.tenable.com/security/tns-2017-12"
      ],
      "score": 6.5,
      "services": [
        "443/http"
      ],
      "severity": "medium",
      "summary": "The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.31 and 7.x before 7.1.7, does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitialized tables to read ~700 bytes from the top of the stack, potentially disclosing sensitive information.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
      "weakness": "CWE-200"
    },
    "CVE-2017-7963": {
      "id": "CVE-2017-7963",
      "references": [
        "https://bugs.php.net/bug.php?id=74308",
        "https://bugs.php.net/bug.php?id=74308"
      ],
      "score": 7.5,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "The GNU Multiple Precision Arithmetic Library (GMP) interfaces for PHP through 7.1.4 allow attackers to cause a denial of service (memory consumption and application crash) via operations on long strings. NOTE: the vendor disputes this, stating \"There is no security issue here, because GMP safely aborts in case of an OOM condition. The only attack vector here is denial of service. However, if you allow attacker-controlled, unbounded allocations you have a DoS vector regardless of GMP's OOM behavior.\"",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-770"
    },
    "CVE-2017-8923": {
      "id": "CVE-2017-8923",
      "references": [
        "http://www.securityfocus.com/bid/98518",
        "https://bugs.php.net/bug.php?id=74577",
        "http://www.securityfocus.com/bid/98518",
        "https://bugs.php.net/bug.php?id=74577",
        "https://security.netapp.com/advisory/ntap-20241227-0007/"
      ],
      "score": 9.8,
      "services": [
        "443/http"
      ],
      "severity": "critical",
      "summary": "The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact by leveraging a script's use of .= with a long string.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-787"
    },
    "CVE-2017-9224": {
      "id": "CVE-2017-9224",
      "references": [
        "http://www.securityfocus.com/bid/101244",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://github.com/kkos/oniguruma/commit/690313a061f7a4fa614ec5cc8368b4f2284e059b",
        "https://github.com/kkos/oniguruma/issues/57",
        "http://www.securityfocus.com/bid/101244",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://github.com/kkos/oniguruma/commit/690313a061f7a4fa614ec5cc8368b4f2284e059b",
        "https://github.com/kkos/oniguruma/issues/57"
      ],
      "score": 9.8,
      "services": [
        "443/http"
      ],
      "severity": "critical",
      "summary": "An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in match_at() during regular expression searching. A logical error involving order of validation and access in match_at() could result in an out-of-bounds read from a stack buffer.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-125"
    },
    "CVE-2017-9226": {
      "id": "CVE-2017-9226",
      "references": [
        "http://www.securityfocus.com/bid/101244",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://github.com/kkos/oniguruma/commit/b4bf968ad52afe14e60a2dc8a95d3555c543353a",
        "https://github.com/kkos/oniguruma/commit/f015fbdd95f76438cd86366467bb2b39870dd7c6",
        "https://github.com/kkos/oniguruma/issues/55",
        "http://www.securityfocus.com/bid/101244",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://github.com/kkos/oniguruma/commit/b4bf968ad52afe14e60a2dc8a95d3555c543353a",
        "https://github.com/kkos/oniguruma/commit/f015fbdd95f76438cd86366467bb2b39870dd7c6",
        "https://github.com/kkos/oniguruma/issues/55"
      ],
      "score": 9.8,
      "services": [
        "443/http"
      ],
      "severity": "critical",
      "summary": "An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write or read occurs in next_state_val() during regular expression compilation. Octal numbers larger than 0xff are not handled correctly in fetch_token() and fetch_token_in_cc(). A malformed regular expression containing an octal number in the form of '\\700' would produce an invalid code point value larger than 0xff in next_state_val(), resulting in an out-of-bounds write memory corruption.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-787"
    },
    "CVE-2018-10545": {
      "id": "CVE-2018-10545",
      "references": [
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/104022",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://bugs.php.net/bug.php?id=75605",
        "https://lists.debian.org/debian-lts-announce/2018/05/msg00004.html",
        "https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html",
        "https://security.gentoo.org/glsa/201812-01",
        "https://security.netapp.com/advisory/ntap-20180607-0003/",
        "https://usn.ubuntu.com/3646-1/",
        "https://usn.ubuntu.com/3646-2/",
        "https://www.debian.org/security/2018/dsa-4240",
        "https://www.tenable.com/security/tns-2018-12",
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/104022",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://bugs.php.net/bug.php?id=75605",
        "https://lists.debian.org/debian-lts-announce/2018/05/msg00004.html",
        "https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html",
        "https://security.gentoo.org/glsa/201812-01",
        "https://security.netapp.com/advisory/ntap-20180607-0003/",
        "https://usn.ubuntu.com/3646-1/",
        "https://usn.ubuntu.com/3646-2/",
        "https://www.debian.org/security/2018/dsa-4240",
        "https://www.tenable.com/security/tns-2018-12"
      ],
      "score": 4.7,
      "services": [
        "443/http"
      ],
      "severity": "medium",
      "summary": "An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4. Dumpable FPM child processes allow bypassing opcache access controls because fpm_unix.c makes a PR_SET_DUMPABLE prctl call, allowing one user (in a multiuser environment) to obtain sensitive information from the process memory of a second user's PHP applications by running gcore on the PID of the PHP-FPM worker process.",
      "vector_string": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "weakness": "CWE-200"
    },
    "CVE-2018-10546": {
      "id": "CVE-2018-10546",
      "references": [
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/104019",
        "http://www.securitytracker.com/id/1040807",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://bugs.php.net/bug.php?id=76249",
        "https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html",
        "https://security.gentoo.org/glsa/201812-01",
        "https://security.netapp.com/advisory/ntap-20180607-0003/",
        "https://usn.ubuntu.com/3646-1/",
        "https://www.debian.org/security/2018/dsa-4240",
        "https://www.tenable.com/security/tns-2018-12",
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/104019",
        "http://www.securitytracker.com/id/1040807",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://bugs.php.net/bug.php?id=76249",
        "https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html",
        "https://security.gentoo.org/glsa/201812-01",
        "https://security.netapp.com/advisory/ntap-20180607-0003/",
        "https://usn.ubuntu.com/3646-1/",
        "https://www.debian.org/security/2018/dsa-4240",
        "https://www.tenable.com/security/tns-2018-12"
      ],
      "score": 7.5,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-835"
    },
    "CVE-2018-10547": {
      "id": "CVE-2018-10547",
      "references": [
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.securitytracker.com/id/1040807",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://bugs.php.net/bug.php?id=76129",
        "https://lists.debian.org/debian-lts-announce/2018/05/msg00004.html",
        "https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html",
        "https://security.netapp.com/advisory/ntap-20180607-0003/",
        "https://usn.ubuntu.com/3646-1/",
        "https://usn.ubuntu.com/3646-2/",
        "https://www.debian.org/security/2018/dsa-4240",
        "https://www.tenable.com/security/tns-2018-12",
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.securitytracker.com/id/1040807",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://bugs.php.net/bug.php?id=76129",
        "https://lists.debian.org/debian-lts-announce/2018/05/msg00004.html",
        "https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html",
        "https://security.netapp.com/advisory/ntap-20180607-0003/",
        "https://usn.ubuntu.com/3646-1/",
        "https://usn.ubuntu.com/3646-2/",
        "https://www.debian.org/security/2018/dsa-4240",
        "https://www.tenable.com/security/tns-2018-12"
      ],
      "score": 6.1,
      "services": [
        "443/http"
      ],
      "severity": "medium",
      "summary": "An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-5712.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "weakness": "CWE-79"
    },
    "CVE-2018-10548": {
      "id": "CVE-2018-10548",
      "references": [
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/104019",
        "http://www.securitytracker.com/id/1040807",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://bugs.php.net/bug.php?id=76248",
        "https://lists.debian.org/debian-lts-announce/2018/05/msg00004.html",
        "https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html",
        "https://security.gentoo.org/glsa/201812-01",
        "https://security.netapp.com/advisory/ntap-20180607-0003/",
        "https://usn.ubuntu.com/3646-1/",
        "https://usn.ubuntu.com/3646-2/",
        "https://www.debian.org/security/2018/dsa-4240",
        "https://www.tenable.com/security/tns-2018-12",
        "https://www.tenable.com/security/tns-2019-07",
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/104019",
        "http://www.securitytracker.com/id/1040807",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://bugs.php.net/bug.php?id=76248",
        "https://lists.debian.org/debian-lts-announce/2018/05/msg00004.html",
        "https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html",
        "https://security.gentoo.org/glsa/201812-01",
        "https://security.netapp.com/advisory/ntap-20180607-0003/",
        "https://usn.ubuntu.com/3646-1/",
        "https://usn.ubuntu.com/3646-2/",
        "https://www.debian.org/security/2018/dsa-4240",
        "https://www.tenable.com/security/tns-2018-12",
        "https://www.tenable.com/security/tns-2019-07"
      ],
      "score": 7.5,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. ext/ldap/ldap.c allows remote LDAP servers to cause a denial of service (NULL pointer dereference and application crash) because of mishandling of the ldap_get_dn return value.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-476"
    },
    "CVE-2018-10549": {
      "id": "CVE-2018-10549",
      "references": [
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/104019",
        "http://www.securitytracker.com/id/1040807",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://bugs.php.net/bug.php?id=76130",
        "https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html",
        "https://security.gentoo.org/glsa/201812-01",
        "https://security.netapp.com/advisory/ntap-20180607-0003/",
        "https://usn.ubuntu.com/3646-1/",
        "https://www.debian.org/security/2018/dsa-4240",
        "https://www.synology.com/support/security/Synology_SA_18_20",
        "https://www.tenable.com/security/tns-2018-12",
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/104019",
        "http://www.securitytracker.com/id/1040807",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://bugs.php.net/bug.php?id=76130",
        "https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html",
        "https://security.gentoo.org/glsa/201812-01",
        "https://security.netapp.com/advisory/ntap-20180607-0003/",
        "https://usn.ubuntu.com/3646-1/",
        "https://www.debian.org/security/2018/dsa-4240",
        "https://www.synology.com/support/security/Synology_SA_18_20",
        "https://www.tenable.com/security/tns-2018-12"
      ],
      "score": 8.8,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. exif_read_data in ext/exif/exif.c has an out-of-bounds read for crafted JPEG data because exif_iif_add_value mishandles the case of a MakerNote that lacks a final '\\0' character.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "weakness": "CWE-125"
    },
    "CVE-2018-14851": {
      "id": "CVE-2018-14851",
      "references": [
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/104871",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://bugs.php.net/bug.php?id=76557",
        "https://lists.debian.org/debian-lts-announce/2018/09/msg00000.html",
        "https://security.netapp.com/advisory/ntap-20181107-0003/",
        "https://usn.ubuntu.com/3766-1/",
        "https://usn.ubuntu.com/3766-2/",
        "https://www.debian.org/security/2018/dsa-4353",
        "https://www.tenable.com/security/tns-2018-12",
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/104871",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://bugs.php.net/bug.php?id=76557",
        "https://lists.debian.org/debian-lts-announce/2018/09/msg00000.html",
        "https://security.netapp.com/advisory/ntap-20181107-0003/",
        "https://usn.ubuntu.com/3766-1/",
        "https://usn.ubuntu.com/3766-2/",
        "https://www.debian.org/security/2018/dsa-4353",
        "https://www.tenable.com/security/tns-2018-12"
      ],
      "score": 5.5,
      "services": [
        "443/http"
      ],
      "severity": "medium",
      "summary": "exif_process_IFD_in_MAKERNOTE in ext/exif/exif.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG file.",
      "vector_string": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "weakness": "CWE-125"
    },
    "CVE-2018-14883": {
      "id": "CVE-2018-14883",
      "references": [
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/104871",
        "https://bugs.php.net/bug.php?id=76423",
        "https://lists.debian.org/debian-lts-announce/2018/09/msg00000.html",
        "https://security.netapp.com/advisory/ntap-20181107-0003/",
        "https://usn.ubuntu.com/3766-1/",
        "https://usn.ubuntu.com/3766-2/",
        "https://www.debian.org/security/2018/dsa-4353",
        "https://www.tenable.com/security/tns-2018-12",
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/104871",
        "https://bugs.php.net/bug.php?id=76423",
        "https://lists.debian.org/debian-lts-announce/2018/09/msg00000.html",
        "https://security.netapp.com/advisory/ntap-20181107-0003/",
        "https://usn.ubuntu.com/3766-1/",
        "https://usn.ubuntu.com/3766-2/",
        "https://www.debian.org/security/2018/dsa-4353",
        "https://www.tenable.com/security/tns-2018-12"
      ],
      "score": 7.5,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "An issue was discovered in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. An Integer Overflow leads to a heap-based buffer over-read in exif_thumbnail_extract of exif.c.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-125"
    },
    "CVE-2018-15132": {
      "id": "CVE-2018-15132",
      "references": [
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "https://bugs.php.net/bug.php?id=76459",
        "https://github.com/php/php-src/commit/f151e048ed27f6f4eef729f3310d053ab5da71d4",
        "https://security.netapp.com/advisory/ntap-20181107-0003/",
        "https://www.tenable.com/security/tns-2018-12",
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "https://bugs.php.net/bug.php?id=76459",
        "https://github.com/php/php-src/commit/f151e048ed27f6f4eef729f3310d053ab5da71d4",
        "https://security.netapp.com/advisory/ntap-20181107-0003/",
        "https://www.tenable.com/security/tns-2018-12"
      ],
      "score": 7.5,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "An issue was discovered in ext/standard/link_win32.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. The linkinfo function on Windows doesn't implement the open_basedir check. This could be abused to find files on paths outside of the allowed directories.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "weakness": "CWE-200"
    },
    "CVE-2018-17082": {
      "id": "CVE-2018-17082",
      "references": [
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://bugs.php.net/bug.php?id=76582",
        "https://github.com/php/php-src/commit/23b057742e3cf199612fa8050ae86cae675e214e",
        "https://lists.debian.org/debian-lts-announce/2018/09/msg00020.html",
        "https://security.gentoo.org/glsa/201812-01",
        "https://security.netapp.com/advisory/ntap-20180924-0001/",
        "https://www.debian.org/security/2018/dsa-4353",
        "https://www.tenable.com/security/tns-2019-07",
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://bugs.php.net/bug.php?id=76582",
        "https://github.com/php/php-src/commit/23b057742e3cf199612fa8050ae86cae675e214e",
        "https://lists.debian.org/debian-lts-announce/2018/09/msg00020.html",
        "https://security.gentoo.org/glsa/201812-01",
        "https://security.netapp.com/advisory/ntap-20180924-0001/",
        "https://www.debian.org/security/2018/dsa-4353",
        "https://www.tenable.com/security/tns-2019-07"
      ],
      "score": 6.1,
      "services": [
        "443/http"
      ],
      "severity": "medium",
      "summary": "The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a \"Transfer-Encoding: chunked\" request, because the bucket brigade is mishandled in the php_handler function in sapi/apache2handler/sapi_apache2.c.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "weakness": "CWE-79"
    },
    "CVE-2018-19395": {
      "id": "CVE-2018-19395",
      "references": [
        "http://www.securityfocus.com/bid/105989",
        "https://bugs.php.net/bug.php?id=77177",
        "https://security.netapp.com/advisory/ntap-20181221-0005/",
        "http://www.securityfocus.com/bid/105989",
        "https://bugs.php.net/bug.php?id=77177",
        "https://security.netapp.com/advisory/ntap-20181221-0005/"
      ],
      "score": 7.5,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "ext/standard/var.c in PHP 5.x through 7.1.24 on Windows allows attackers to cause a denial of service (NULL pointer dereference and application crash) because com and com_safearray_proxy return NULL in com_properties_get in ext/com_dotnet/com_handlers.c, as demonstrated by a serialize call on COM(\"WScript.Shell\").",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-476"
    },
    "CVE-2018-19396": {
      "id": "CVE-2018-19396",
      "references": [
        "http://www.securityfocus.com/bid/105989",
        "https://bugs.php.net/bug.php?id=77177",
        "https://security.netapp.com/advisory/ntap-20181221-0005/",
        "http://www.securityfocus.com/bid/105989",
        "https://bugs.php.net/bug.php?id=77177",
        "https://security.netapp.com/advisory/ntap-20181221-0005/"
      ],
      "score": 7.5,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "ext/standard/var_unserializer.c in PHP 5.x through 7.1.24 allows attackers to cause a denial of service (application crash) via an unserialize call for the com, dotnet, or variant class.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-502"
    },
    "CVE-2018-19520": {
      "id": "CVE-2018-19520",
      "references": [
        "https://blog.whiterabbitxyj.com/cve/SDCMS_1.6_code_execution.doc",
        "https://github.com/WhiteRabbitc/WhiteRabbitc.github.io/blob/master/cve/SDCMS_1.6_code_execution.doc",
        "https://blog.whiterabbitxyj.com/cve/SDCMS_1.6_code_execution.doc",
        "https://github.com/WhiteRabbitc/WhiteRabbitc.github.io/blob/master/cve/SDCMS_1.6_code_execution.doc"
      ],
      "score": 8.8,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "An issue was discovered in SDCMS 1.6 with PHP 5.x. app/admin/controller/themecontroller.php uses a check_bad function in an attempt to block certain PHP functions such as eval, but does not prevent use of preg_replace 'e' calls, allowing users to execute arbitrary code by leveraging access to admin template management.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-94"
    },
    "CVE-2018-20783": {
      "id": "CVE-2018-20783",
      "references": [
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html",
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://access.redhat.com/errata/RHSA-2019:3299",
        "https://bugs.php.net/bug.php?id=77143",
        "https://usn.ubuntu.com/3566-2/",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html",
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://access.redhat.com/errata/RHSA-2019:3299",
        "https://bugs.php.net/bug.php?id=77143",
        "https://usn.ubuntu.com/3566-2/"
      ],
      "score": 7.5,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2.x before 7.2.13, a buffer over-read in PHAR reading functions may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse a .phar file. This is related to phar_parse_pharfile in ext/phar/phar.c.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "weakness": "CWE-125"
    },
    "CVE-2018-5711": {
      "id": "CVE-2018-5711",
      "references": [
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://bugs.php.net/bug.php?id=75571",
        "https://lists.debian.org/debian-lts-announce/2018/01/msg00022.html",
        "https://lists.debian.org/debian-lts-announce/2019/01/msg00028.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/",
        "https://security.gentoo.org/glsa/201903-18",
        "https://usn.ubuntu.com/3755-1/",
        "https://www.oracle.com/security-alerts/cpuapr2020.html",
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://bugs.php.net/bug.php?id=75571",
        "https://lists.debian.org/debian-lts-announce/2018/01/msg00022.html",
        "https://lists.debian.org/debian-lts-announce/2019/01/msg00028.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/",
        "https://security.gentoo.org/glsa/201903-18",
        "https://usn.ubuntu.com/3755-1/",
        "https://www.oracle.com/security-alerts/cpuapr2020.html"
      ],
      "score": 5.5,
      "services": [
        "443/http"
      ],
      "severity": "medium",
      "summary": "gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the imagecreatefromgif or imagecreatefromstring PHP function. This is related to GetCode_ and gdImageCreateFromGifCtx.",
      "vector_string": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "weakness": "CWE-681"
    },
    "CVE-2018-5712": {
      "id": "CVE-2018-5712",
      "references": [
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/102742",
        "http://www.securityfocus.com/bid/104020",
        "http://www.securitytracker.com/id/1040363",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://bugs.php.net/bug.php?id=74782",
        "https://lists.debian.org/debian-lts-announce/2018/01/msg00025.html",
        "https://usn.ubuntu.com/3566-1/",
        "https://usn.ubuntu.com/3600-1/",
        "https://usn.ubuntu.com/3600-2/",
        "https://www.oracle.com/security-alerts/cpuapr2020.html",
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/102742",
        "http://www.securityfocus.com/bid/104020",
        "http://www.securitytracker.com/id/1040363",
        "https://access.redhat.com/errata/RHSA-2018:1296",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://bugs.php.net/bug.php?id=74782",
        "https://lists.debian.org/debian-lts-announce/2018/01/msg00025.html",
        "https://usn.ubuntu.com/3566-1/",
        "https://usn.ubuntu.com/3600-1/",
        "https://usn.ubuntu.com/3600-2/",
        "https://www.oracle.com/security-alerts/cpuapr2020.html"
      ],
      "score": 6.1,
      "services": [
        "443/http"
      ],
      "severity": "medium",
      "summary": "An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "weakness": "CWE-79"
    },
    "CVE-2018-7584": {
      "id": "CVE-2018-7584",
      "references": [
        "http://php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/103204",
        "http://www.securitytracker.com/id/1041607",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://bugs.php.net/bug.php?id=75981",
        "https://github.com/php/php-src/commit/523f230c831d7b33353203fa34aee4e92ac12bba",
        "https://lists.debian.org/debian-lts-announce/2018/03/msg00030.html",
        "https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html",
        "https://usn.ubuntu.com/3600-1/",
        "https://usn.ubuntu.com/3600-2/",
        "https://www.debian.org/security/2018/dsa-4240",
        "https://www.exploit-db.com/exploits/44846/",
        "https://www.tenable.com/security/tns-2018-03",
        "https://www.tenable.com/security/tns-2018-12",
        "http://php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/103204",
        "http://www.securitytracker.com/id/1041607",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://bugs.php.net/bug.php?id=75981",
        "https://github.com/php/php-src/commit/523f230c831d7b33353203fa34aee4e92ac12bba",
        "https://lists.debian.org/debian-lts-announce/2018/03/msg00030.html",
        "https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html",
        "https://usn.ubuntu.com/3600-1/",
        "https://usn.ubuntu.com/3600-2/",
        "https://www.debian.org/security/2018/dsa-4240",
        "https://www.exploit-db.com/exploits/44846/",
        "https://www.tenable.com/security/tns-2018-03",
        "https://www.tenable.com/security/tns-2018-12"
      ],
      "score": 9.8,
      "services": [
        "443/http"
      ],
      "severity": "critical",
      "summary": "In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper.c. This subsequently results in copying a large string.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-119"
    },
    "CVE-2019-0196": {
      "id": "CVE-2019-0196",
      "references": [
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html",
        "http://www.apache.org/dist/httpd/CHANGES_2.4.39",
        "http://www.openwall.com/lists/oss-security/2019/04/02/1",
        "http://www.securityfocus.com/bid/107669",
        "https://access.redhat.com/errata/RHSA-2019:3932",
        "https://access.redhat.com/errata/RHSA-2019:3933",
        "https://access.redhat.com/errata/RHSA-2019:3935",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/97a1c58e138ed58a364513b58d807a802e72bf6079ff81a10948ef7c%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/fd110f4ace2d8364c7d9190e1993cde92f79e4eb85576ed9285686ac%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWRYD6JMEJ6O3JKJZFNOYXMJJU5JMEJK/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YTJPHI3E3OKW7OT7COQXVG7DE7IDQ2OT/",
        "https://seclists.org/bugtraq/2019/Apr/5",
        "https://security.netapp.com/advisory/ntap-20190617-0002/",
        "https://support.f5.com/csp/article/K44591505",
        "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us",
        "https://usn.ubuntu.com/3937-1/",
        "https://www.debian.org/security/2019/dsa-4422",
        "https://www.oracle.com/security-alerts/cpuapr2020.html",
        "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
        "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
      ],
      "score": 5.3,
      "services": [
        "2181/http"
      ],
      "severity": "medium",
      "summary": "A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparison when determining the method of a request and thus process the request incorrectly.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
      "weakness": "CWE-416"
    },
    "CVE-2019-0197": {
      "id": "CVE-2019-0197",
      "references": [
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html",
        "http://www.openwall.com/lists/oss-security/2019/04/02/2",
        "http://www.securityfocus.com/bid/107665",
        "https://access.redhat.com/errata/RHSA-2019:3932",
        "https://access.redhat.com/errata/RHSA-2019:3933",
        "https://access.redhat.com/errata/RHSA-2019:3935",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/e0b8f6e858b1c8ec2ce8e291a2c543d438915037c7af661ab6d33808%40%3Cdev.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/",
        "https://security.netapp.com/advisory/ntap-20190617-0002/",
        "https://support.f5.com/csp/article/K44591505",
        "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us",
        "https://usn.ubuntu.com/4113-1/",
        "https://www.oracle.com/security-alerts/cpuapr2020.html",
        "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
        "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
      ],
      "score": 4.2,
      "services": [
        "2181/http"
      ],
      "severity": "medium",
      "summary": "A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. Servers that never enabled the h2 protocol or that only enabled it for https: and did not set \"H2Upgrade on\" are unaffected by this issue.",
      "vector_string": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L",
      "weakness": "CWE-444"
    },
    "CVE-2019-0211": {
      "id": "CVE-2019-0211",
      "references": [
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html",
        "http://packetstormsecurity.com/files/152386/Apache-2.4.38-Root-Privilege-Escalation.html",
        "http://packetstormsecurity.com/files/152415/Slackware-Security-Advisory-httpd-Updates.html",
        "http://packetstormsecurity.com/files/152441/CARPE-DIEM-Apache-2.4.x-Local-Privilege-Escalation.html",
        "http://www.apache.org/dist/httpd/CHANGES_2.4.39",
        "http://www.openwall.com/lists/oss-security/2019/04/02/3",
        "http://www.openwall.com/lists/oss-security/2019/07/26/7",
        "http://www.securityfocus.com/bid/107666",
        "https://access.redhat.com/errata/RHBA-2019:0959",
        "https://access.redhat.com/errata/RHSA-2019:0746",
        "https://access.redhat.com/errata/RHSA-2019:0980",
        "https://access.redhat.com/errata/RHSA-2019:1296",
        "https://access.redhat.com/errata/RHSA-2019:1297",
        "https://access.redhat.com/errata/RHSA-2019:1543",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/890507b85c30adf133216b299cc35cd8cd0346a885acfc671c04694e%40%3Cdev.community.apache.org%3E",
        "https://lists.apache.org/thread.html/b1613d44ec364c87bb7ee8c5939949f9b061c05c06e0e90098ebf7aa%40%3Cusers.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/b2bdb308dc015e771ba79c0586b2de6fb50caa98b109833f5d4daf28%40%3Cdev.community.apache.org%3E",
        "https://lists.apache.org/thread.html/de881a130bc9cb2f3a9ff220784520556884fb8ea80e69400a45509e%40%3Cdev.community.apache.org%3E",
        "https://lists.apache.org/thread.html/fd110f4ace2d8364c7d9190e1993cde92f79e4eb85576ed9285686ac%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E",
        "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/",
        "https://seclists.org/bugtraq/2019/Apr/16",
        "https://seclists.org/bugtraq/2019/Apr/5",
        "https://security.gentoo.org/glsa/201904-20",
        "https://security.netapp.com/advisory/ntap-20190423-0001/",
        "https://support.f5.com/csp/article/K32957101",
        "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us",
        "https://usn.ubuntu.com/3937-1/",
        "https://www.debian.org/security/2019/dsa-4422",
        "https://www.exploit-db.com/exploits/46676/",
        "https://www.oracle.com/security-alerts/cpuapr2020.html",
        "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
        "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
        "https://www.synology.com/security/advisory/Synology_SA_19_14"
      ],
      "score": 7.8,
      "services": [
        "2181/http"
      ],
      "severity": "high",
      "summary": "In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected.",
      "vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-416"
    },
    "CVE-2019-0215": {
      "id": "CVE-2019-0215",
      "references": [
        "http://www.openwall.com/lists/oss-security/2019/04/02/4",
        "http://www.securityfocus.com/bid/107667",
        "https://access.redhat.com/errata/RHSA-2019:0980",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.apache.org/thread.html/117bc3f09847ebf020b1bb70301ebcc105ddc446856150b63f37f8eb%40%3Cdev.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/2d6bd429a0ba9af1580da896575cfca6e42bb05e7536562d4b095fcf%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/5b1e7d66c5adf286f14f6cc0f857b6fca107444f68aed9e70eedab47%40%3Cdev.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/bc1a6d4137798565ab02e60079b6788442147f4efeb4200c665bed5b%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/",
        "https://security.netapp.com/advisory/ntap-20190423-0001/",
        "https://support.f5.com/csp/article/K59440504",
        "https://www.oracle.com/security-alerts/cpuapr2020.html",
        "https://www.oracle.com/security-alerts/cpujan2020.html",
        "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
        "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
      ],
      "score": 7.5,
      "services": [
        "2181/http"
      ],
      "severity": "high",
      "summary": "In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in mod_ssl when using per-location client certificate verification with TLSv1.3 allowed a client to bypass configured access control restrictions.",
      "vector_string": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "NVD-CWE-noinfo"
    },
    "CVE-2019-0217": {
      "id": "CVE-2019-0217",
      "references": [
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html",
        "http://www.openwall.com/lists/oss-security/2019/04/02/5",
        "http://www.securityfocus.com/bid/107668",
        "https://access.redhat.com/errata/RHSA-2019:2343",
        "https://access.redhat.com/errata/RHSA-2019:3436",
        "https://access.redhat.com/errata/RHSA-2019:3932",
        "https://access.redhat.com/errata/RHSA-2019:3933",
        "https://access.redhat.com/errata/RHSA-2019:3935",
        "https://access.redhat.com/errata/RHSA-2019:4126",
        "https://bugzilla.redhat.com/show_bug.cgi?id=1695020",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/e0b8f6e858b1c8ec2ce8e291a2c543d438915037c7af661ab6d33808%40%3Cdev.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.debian.org/debian-lts-announce/2019/04/msg00008.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/",
        "https://seclists.org/bugtraq/2019/Apr/5",
        "https://security.netapp.com/advisory/ntap-20190423-0001/",
        "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us",
        "https://usn.ubuntu.com/3937-1/",
        "https://usn.ubuntu.com/3937-2/",
        "https://www.debian.org/security/2019/dsa-4422",
        "https://www.oracle.com/security-alerts/cpuapr2020.html",
        "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
        "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html",
        "http://www.openwall.com/lists/oss-security/2019/04/02/5",
        "http://www.securityfocus.com/bid/107668",
        "https://access.redhat.com/errata/RHSA-2019:2343",
        "https://access.redhat.com/errata/RHSA-2019:3436",
        "https://access.redhat.com/errata/RHSA-2019:3932",
        "https://access.redhat.com/errata/RHSA-2019:3933",
        "https://access.redhat.com/errata/RHSA-2019:3935",
        "https://access.redhat.com/errata/RHSA-2019:4126",
        "https://bugzilla.redhat.com/show_bug.cgi?id=1695020",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/e0b8f6e858b1c8ec2ce8e291a2c543d438915037c7af661ab6d33808%40%3Cdev.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.debian.org/debian-lts-announce/2019/04/msg00008.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/",
        "https://seclists.org/bugtraq/2019/Apr/5",
        "https://security.netapp.com/advisory/ntap-20190423-0001/",
        "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us",
        "https://usn.ubuntu.com/3937-1/",
        "https://usn.ubuntu.com/3937-2/",
        "https://www.debian.org/security/2019/dsa-4422",
        "https://www.oracle.com/security-alerts/cpuapr2020.html",
        "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
        "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
      ],
      "score": 7.5,
      "services": [
        "2181/http"
      ],
      "severity": "high",
      "summary": "In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions.",
      "vector_string": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-362"
    },
    "CVE-2019-0220": {
      "id": "CVE-2019-0220",
      "references": [
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html",
        "http://www.openwall.com/lists/oss-security/2019/04/02/6",
        "http://www.securityfocus.com/bid/107670",
        "https://access.redhat.com/errata/RHSA-2019:2343",
        "https://access.redhat.com/errata/RHSA-2019:3436",
        "https://access.redhat.com/errata/RHSA-2019:4126",
        "https://access.redhat.com/errata/RHSA-2020:0250",
        "https://access.redhat.com/errata/RHSA-2020:0251",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r31f46d1f16ffcafa68058596b21f6eaf6d352290e522690a1cdccdd7%40%3Cbugs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.debian.org/debian-lts-announce/2019/04/msg00008.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/",
        "https://seclists.org/bugtraq/2019/Apr/5",
        "https://security.netapp.com/advisory/ntap-20190625-0007/",
        "https://support.f5.com/csp/article/K44591505",
        "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us",
        "https://usn.ubuntu.com/3937-1/",
        "https://www.debian.org/security/2019/dsa-4422",
        "https://www.oracle.com/security-alerts/cpuapr2020.html",
        "https://www.oracle.com/security-alerts/cpujul2020.html",
        "https://www.oracle.com/security-alerts/cpujul2022.html",
        "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
        "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html",
        "http://www.openwall.com/lists/oss-security/2019/04/02/6",
        "http://www.securityfocus.com/bid/107670",
        "https://access.redhat.com/errata/RHSA-2019:2343",
        "https://access.redhat.com/errata/RHSA-2019:3436",
        "https://access.redhat.com/errata/RHSA-2019:4126",
        "https://access.redhat.com/errata/RHSA-2020:0250",
        "https://access.redhat.com/errata/RHSA-2020:0251",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r31f46d1f16ffcafa68058596b21f6eaf6d352290e522690a1cdccdd7%40%3Cbugs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.debian.org/debian-lts-announce/2019/04/msg00008.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/",
        "https://seclists.org/bugtraq/2019/Apr/5",
        "https://security.netapp.com/advisory/ntap-20190625-0007/",
        "https://support.f5.com/csp/article/K44591505",
        "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us",
        "https://usn.ubuntu.com/3937-1/",
        "https://www.debian.org/security/2019/dsa-4422",
        "https://www.oracle.com/security-alerts/cpuapr2020.html",
        "https://www.oracle.com/security-alerts/cpujul2020.html",
        "https://www.oracle.com/security-alerts/cpujul2022.html",
        "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
        "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
      ],
      "score": 5.3,
      "services": [
        "2181/http"
      ],
      "severity": "medium",
      "summary": "A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes ('/'), directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the server's processing will implicitly collapse them.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "weakness": "CWE-706"
    },
    "CVE-2019-10081": {
      "id": "CVE-2019-10081",
      "references": [
        "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00004.html",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
        "https://seclists.org/bugtraq/2019/Aug/47",
        "https://security.gentoo.org/glsa/201909-04",
        "https://security.netapp.com/advisory/ntap-20190905-0003/",
        "https://support.f5.com/csp/article/K84341091?utm_source=f5support&amp%3Butm_medium=RSS",
        "https://usn.ubuntu.com/4113-1/",
        "https://www.debian.org/security/2019/dsa-4509",
        "https://www.oracle.com/security-alerts/cpuapr2020.html",
        "https://www.oracle.com/security-alerts/cpujul2020.html",
        "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
      ],
      "score": 7.5,
      "services": [
        "2181/http"
      ],
      "severity": "high",
      "summary": "HTTP/2 (2.4.20 through 2.4.39) very early pushes, for example configured with \"H2PushResource\", could lead to an overwrite of memory in the pushing request's pool, leading to crashes. The memory copied is that of the configured push link header values, not data supplied by the client.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-787"
    },
    "CVE-2019-10082": {
      "id": "CVE-2019-10082",
      "references": [
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
        "https://www.oracle.com/security-alerts/cpuapr2020.html",
        "https://www.oracle.com/security-alerts/cpujul2020.html",
        "https://www.oracle.com/security-alerts/cpujul2022.html",
        "https://www.oracle.com/security-alerts/cpuoct2021.html",
        "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
      ],
      "score": 9.1,
      "services": [
        "2181/http"
      ],
      "severity": "critical",
      "summary": "In Apache HTTP Server 2.4.18-2.4.39, using fuzzed network input, the http/2 session handling could be made to read memory after being freed, during connection shutdown.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
      "weakness": "CWE-416"
    },
    "CVE-2019-10092": {
      "id": "CVE-2019-10092",
      "references": [
        "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00004.html",
        "http://www.openwall.com/lists/oss-security/2019/08/15/4",
        "http://www.openwall.com/lists/oss-security/2020/08/08/1",
        "http://www.openwall.com/lists/oss-security/2020/08/08/9",
        "https://access.redhat.com/errata/RHSA-2019:4126",
        "https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-10092-Limited%20Cross-Site%20Scripting%20in%20mod_proxy%20Error%20Page-Apache%20httpd",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/73768e31e0fcae03e12f5aa87da1cb26dece39327f3c32060baa3e94%40%3Cannounce.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r0a83b112cd9701ef8a2061c8ed557f3dc9bb774d4da69fbb91bbc3c4%40%3Cusers.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.debian.org/debian-lts-announce/2019/08/msg00034.html",
        "https://lists.debian.org/debian-lts-announce/2019/09/msg00034.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RVHJHTU4JN3ULCQ44F2G6LZBF2LGNTC/",
        "https://seclists.org/bugtraq/2019/Aug/47",
        "https://seclists.org/bugtraq/2019/Oct/24",
        "https://security.gentoo.org/glsa/201909-04",
        "https://security.netapp.com/advisory/ntap-20190905-0003/",
        "https://support.f5.com/csp/article/K30442259",
        "https://usn.ubuntu.com/4113-1/",
        "https://www.debian.org/security/2019/dsa-4509",
        "https://www.oracle.com/security-alerts/cpuapr2020.html",
        "https://www.oracle.com/security-alerts/cpujan2020.html",
        "https://www.oracle.com/security-alerts/cpujul2020.html",
        "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00004.html",
        "http://www.openwall.com/lists/oss-security/2019/08/15/4",
        "http://www.openwall.com/lists/oss-security/2020/08/08/1",
        "http://www.openwall.com/lists/oss-security/2020/08/08/9",
        "https://access.redhat.com/errata/RHSA-2019:4126",
        "https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-10092-Limited%20Cross-Site%20Scripting%20in%20mod_proxy%20Error%20Page-Apache%20httpd",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/73768e31e0fcae03e12f5aa87da1cb26dece39327f3c32060baa3e94%40%3Cannounce.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r0a83b112cd9701ef8a2061c8ed557f3dc9bb774d4da69fbb91bbc3c4%40%3Cusers.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.debian.org/debian-lts-announce/2019/08/msg00034.html",
        "https://lists.debian.org/debian-lts-announce/2019/09/msg00034.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RVHJHTU4JN3ULCQ44F2G6LZBF2LGNTC/",
        "https://seclists.org/bugtraq/2019/Aug/47",
        "https://seclists.org/bugtraq/2019/Oct/24",
        "https://security.gentoo.org/glsa/201909-04",
        "https://security.netapp.com/advisory/ntap-20190905-0003/",
        "https://support.f5.com/csp/article/K30442259",
        "https://usn.ubuntu.com/4113-1/",
        "https://www.debian.org/security/2019/dsa-4509",
        "https://www.oracle.com/security-alerts/cpuapr2020.html",
        "https://www.oracle.com/security-alerts/cpujan2020.html",
        "https://www.oracle.com/security-alerts/cpujul2020.html",
        "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
      ],
      "score": 6.1,
      "services": [
        "2181/http"
      ],
      "severity": "medium",
      "summary": "In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable where a server was set up with proxying enabled but was misconfigured in such a way that the Proxy Error page was displayed.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "weakness": "CWE-79"
    },
    "CVE-2019-10097": {
      "id": "CVE-2019-10097",
      "references": [
        "https://access.redhat.com/errata/RHSA-2019:4126",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
        "https://www.oracle.com/security-alerts/cpuapr2020.html",
        "https://www.oracle.com/security-alerts/cpujul2020.html",
        "https://www.oracle.com/security-alerts/cpuoct2020.html",
        "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
      ],
      "score": 7.2,
      "services": [
        "2181/http"
      ],
      "severity": "high",
      "summary": "In Apache HTTP Server 2.4.32-2.4.39, when mod_remoteip was configured to use a trusted intermediary proxy server using the \"PROXY\" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer dereference. This vulnerability could only be triggered by a trusted proxy and not by untrusted HTTP clients.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-476"
    },
    "CVE-2019-10098": {
      "id": "CVE-2019-10098",
      "references": [
        "http://www.openwall.com/lists/oss-security/2020/04/01/4",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
        "https://www.oracle.com/security-alerts/cpuApr2021.html",
        "https://www.oracle.com/security-alerts/cpuapr2020.html",
        "https://www.oracle.com/security-alerts/cpujan2020.html",
        "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
        "http://www.openwall.com/lists/oss-security/2020/04/01/4",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
        "https://www.oracle.com/security-alerts/cpuApr2021.html",
        "https://www.oracle.com/security-alerts/cpuapr2020.html",
        "https://www.oracle.com/security-alerts/cpujan2020.html",
        "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
      ],
      "score": 6.1,
      "services": [
        "2181/http"
      ],
      "severity": "medium",
      "summary": "In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an unexpected URL within the request URL.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "weakness": "CWE-601"
    },
    "CVE-2019-17567": {
      "id": "CVE-2019-17567",
      "references": [
        "http://httpd.apache.org/security/vulnerabilities_24.html",
        "http://www.openwall.com/lists/oss-security/2021/06/10/2",
        "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r90f693a5c9fb75550ef1412436d5e682a5f845beb427fa6f23419a3c%40%3Cannounce.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
        "https://security.gentoo.org/glsa/202107-38",
        "https://security.netapp.com/advisory/ntap-20210702-0001/",
        "https://www.oracle.com/security-alerts/cpuoct2021.html",
        "http://httpd.apache.org/security/vulnerabilities_24.html",
        "http://www.openwall.com/lists/oss-security/2021/06/10/2",
        "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r90f693a5c9fb75550ef1412436d5e682a5f845beb427fa6f23419a3c%40%3Cannounce.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
        "https://security.gentoo.org/glsa/202107-38",
        "https://security.netapp.com/advisory/ntap-20210702-0001/",
        "https://www.oracle.com/security-alerts/cpuoct2021.html"
      ],
      "score": 5.3,
      "services": [
        "2181/http"
      ],
      "severity": "medium",
      "summary": "Apache HTTP Server versions 2.4.6 to 2.4.46 mod_proxy_wstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for subsequent requests on the same connection to pass through with no HTTP validation, authentication or authorization possibly configured.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "weakness": "CWE-444"
    },
    "CVE-2019-6977": {
      "id": "CVE-2019-6977",
      "references": [
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00025.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00031.html",
        "http://packetstormsecurity.com/files/152459/PHP-7.2-imagecolormatch-Out-Of-Band-Heap-Write.html",
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/106731",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://access.redhat.com/errata/RHSA-2019:3299",
        "https://bugs.php.net/bug.php?id=77270",
        "https://lists.debian.org/debian-lts-announce/2019/01/msg00028.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3WRUPZVT2MWFUEMVGTRAGDOBHLNMGK5R/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEYUUOW75YD3DENIPYMO263E6NL2NFHI/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TTXSLRZI5BCQT3H5KALG3DHUWUMNPDX2/",
        "https://security.gentoo.org/glsa/201903-18",
        "https://security.netapp.com/advisory/ntap-20190315-0003/",
        "https://usn.ubuntu.com/3900-1/",
        "https://www.debian.org/security/2019/dsa-4384",
        "https://www.exploit-db.com/exploits/46677/",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00025.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00031.html",
        "http://packetstormsecurity.com/files/152459/PHP-7.2-imagecolormatch-Out-Of-Band-Heap-Write.html",
        "http://php.net/ChangeLog-5.php",
        "http://php.net/ChangeLog-7.php",
        "http://www.securityfocus.com/bid/106731",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://access.redhat.com/errata/RHSA-2019:3299",
        "https://bugs.php.net/bug.php?id=77270",
        "https://lists.debian.org/debian-lts-announce/2019/01/msg00028.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3WRUPZVT2MWFUEMVGTRAGDOBHLNMGK5R/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEYUUOW75YD3DENIPYMO263E6NL2NFHI/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TTXSLRZI5BCQT3H5KALG3DHUWUMNPDX2/",
        "https://security.gentoo.org/glsa/201903-18",
        "https://security.netapp.com/advisory/ntap-20190315-0003/",
        "https://usn.ubuntu.com/3900-1/",
        "https://www.debian.org/security/2019/dsa-4384",
        "https://www.exploit-db.com/exploits/46677/"
      ],
      "score": 8.8,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigger imagecolormatch calls with crafted image data.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "weakness": "CWE-787"
    },
    "CVE-2019-9020": {
      "id": "CVE-2019-9020",
      "references": [
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html",
        "http://www.securityfocus.com/bid/107156",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://access.redhat.com/errata/RHSA-2019:3299",
        "https://bugs.php.net/bug.php?id=77242",
        "https://bugs.php.net/bug.php?id=77249",
        "https://security.netapp.com/advisory/ntap-20190321-0001/",
        "https://usn.ubuntu.com/3902-1/",
        "https://usn.ubuntu.com/3902-2/",
        "https://www.debian.org/security/2019/dsa-4398",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html",
        "http://www.securityfocus.com/bid/107156",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://access.redhat.com/errata/RHSA-2019:3299",
        "https://bugs.php.net/bug.php?id=77242",
        "https://bugs.php.net/bug.php?id=77249",
        "https://security.netapp.com/advisory/ntap-20190321-0001/",
        "https://usn.ubuntu.com/3902-1/",
        "https://usn.ubuntu.com/3902-2/",
        "https://www.debian.org/security/2019/dsa-4398"
      ],
      "score": 9.8,
      "services": [
        "443/http"
      ],
      "severity": "critical",
      "summary": "An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. Invalid input to the function xmlrpc_decode() can lead to an invalid memory access (heap out of bounds read or read after free). This is related to xml_elem_parse_buf in ext/xmlrpc/libxmlrpc/xml_element.c.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-125"
    },
    "CVE-2019-9021": {
      "id": "CVE-2019-9021",
      "references": [
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html",
        "http://www.securityfocus.com/bid/106747",
        "http://www.securityfocus.com/bid/107156",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://access.redhat.com/errata/RHSA-2019:3299",
        "https://bugs.php.net/bug.php?id=77247",
        "https://security.netapp.com/advisory/ntap-20190321-0001/",
        "https://usn.ubuntu.com/3902-1/",
        "https://usn.ubuntu.com/3902-2/",
        "https://www.debian.org/security/2019/dsa-4398",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html",
        "http://www.securityfocus.com/bid/106747",
        "http://www.securityfocus.com/bid/107156",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://access.redhat.com/errata/RHSA-2019:3299",
        "https://bugs.php.net/bug.php?id=77247",
        "https://security.netapp.com/advisory/ntap-20190321-0001/",
        "https://usn.ubuntu.com/3902-1/",
        "https://usn.ubuntu.com/3902-2/",
        "https://www.debian.org/security/2019/dsa-4398"
      ],
      "score": 9.8,
      "services": [
        "443/http"
      ],
      "severity": "critical",
      "summary": "An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A heap-based buffer over-read in PHAR reading functions in the PHAR extension may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse the file name, a different vulnerability than CVE-2018-20783. This is related to phar_detect_phar_fname_ext in ext/phar/phar.c.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-125"
    },
    "CVE-2019-9023": {
      "id": "CVE-2019-9023",
      "references": [
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html",
        "http://www.securityfocus.com/bid/107156",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://access.redhat.com/errata/RHSA-2019:3299",
        "https://bugs.php.net/bug.php?id=77370",
        "https://bugs.php.net/bug.php?id=77371",
        "https://bugs.php.net/bug.php?id=77381",
        "https://bugs.php.net/bug.php?id=77382",
        "https://bugs.php.net/bug.php?id=77385",
        "https://bugs.php.net/bug.php?id=77394",
        "https://bugs.php.net/bug.php?id=77418",
        "https://security.netapp.com/advisory/ntap-20190321-0001/",
        "https://support.f5.com/csp/article/K06372014",
        "https://usn.ubuntu.com/3902-1/",
        "https://usn.ubuntu.com/3902-2/",
        "https://www.debian.org/security/2019/dsa-4398",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html",
        "http://www.securityfocus.com/bid/107156",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://access.redhat.com/errata/RHSA-2019:3299",
        "https://bugs.php.net/bug.php?id=77370",
        "https://bugs.php.net/bug.php?id=77371",
        "https://bugs.php.net/bug.php?id=77381",
        "https://bugs.php.net/bug.php?id=77382",
        "https://bugs.php.net/bug.php?id=77385",
        "https://bugs.php.net/bug.php?id=77394",
        "https://bugs.php.net/bug.php?id=77418",
        "https://security.netapp.com/advisory/ntap-20190321-0001/",
        "https://support.f5.com/csp/article/K06372014",
        "https://usn.ubuntu.com/3902-1/",
        "https://usn.ubuntu.com/3902-2/",
        "https://www.debian.org/security/2019/dsa-4398"
      ],
      "score": 9.8,
      "services": [
        "443/http"
      ],
      "severity": "critical",
      "summary": "An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A number of heap-based buffer over-read instances are present in mbstring regular expression functions when supplied with invalid multibyte data. These occur in ext/mbstring/oniguruma/regcomp.c, ext/mbstring/oniguruma/regexec.c, ext/mbstring/oniguruma/regparse.c, ext/mbstring/oniguruma/enc/unicode.c, and ext/mbstring/oniguruma/src/utf32_be.c when a multibyte regular expression pattern contains invalid multibyte sequences.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-125"
    },
    "CVE-2019-9024": {
      "id": "CVE-2019-9024",
      "references": [
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html",
        "http://www.securityfocus.com/bid/107156",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://access.redhat.com/errata/RHSA-2019:3299",
        "https://bugs.php.net/bug.php?id=77380",
        "https://security.netapp.com/advisory/ntap-20190321-0001/",
        "https://usn.ubuntu.com/3902-1/",
        "https://usn.ubuntu.com/3902-2/",
        "https://www.debian.org/security/2019/dsa-4398",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html",
        "http://www.securityfocus.com/bid/107156",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://access.redhat.com/errata/RHSA-2019:3299",
        "https://bugs.php.net/bug.php?id=77380",
        "https://security.netapp.com/advisory/ntap-20190321-0001/",
        "https://usn.ubuntu.com/3902-1/",
        "https://usn.ubuntu.com/3902-2/",
        "https://www.debian.org/security/2019/dsa-4398"
      ],
      "score": 7.5,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. xmlrpc_decode() can allow a hostile XMLRPC server to cause PHP to read memory outside of allocated areas in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "weakness": "CWE-125"
    },
    "CVE-2019-9517": {
      "id": "CVE-2019-9517",
      "references": [
        "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00004.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html",
        "http://www.openwall.com/lists/oss-security/2019/08/15/7",
        "https://access.redhat.com/errata/RHSA-2019:2893",
        "https://access.redhat.com/errata/RHSA-2019:2925",
        "https://access.redhat.com/errata/RHSA-2019:2939",
        "https://access.redhat.com/errata/RHSA-2019:2946",
        "https://access.redhat.com/errata/RHSA-2019:2949",
        "https://access.redhat.com/errata/RHSA-2019:2950",
        "https://access.redhat.com/errata/RHSA-2019:2955",
        "https://access.redhat.com/errata/RHSA-2019:3932",
        "https://access.redhat.com/errata/RHSA-2019:3933",
        "https://access.redhat.com/errata/RHSA-2019:3935",
        "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md",
        "https://kb.cert.org/vuls/id/605641/",
        "https://kc.mcafee.com/corporate/index?page=content&id=SB10296",
        "https://lists.apache.org/thread.html/4610762456644181b267c846423b3a990bd4aaea1886ecc7d51febdb%40%3Cannounce.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/d89f999e26dfb1d50f247ead1fe8538014eb412b2dbe5be4b1a9ef50%40%3Cdev.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/ec97fdfc1a859266e56fef084353a34e0a0b08901b3c1aa317a43c8c%40%3Cdev.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ZQGHE3WTYLYAYJEIDJVF2FIGQTAYPMC/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BP556LEG3WENHZI5TAQ6ZEBFTJB4E2IS/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMNFX5MNYRWWIMO4BTKYQCGUDMHO3AXP/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XHTKU7YQ5EEP2XNSAV4M4VJ7QCBOJMOD/",
        "https://seclists.org/bugtraq/2019/Aug/47",
        "https://security.gentoo.org/glsa/201909-04",
        "https://security.netapp.com/advisory/ntap-20190823-0003/",
        "https://security.netapp.com/advisory/ntap-20190823-0005/",
        "https://security.netapp.com/advisory/ntap-20190905-0003/",
        "https://support.f5.com/csp/article/K02591030",
        "https://support.f5.com/csp/article/K02591030?utm_source=f5support&amp%3Butm_medium=RSS",
        "https://usn.ubuntu.com/4113-1/",
        "https://www.debian.org/security/2019/dsa-4509",
        "https://www.oracle.com/security-alerts/cpuapr2020.html",
        "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
        "https://www.synology.com/security/advisory/Synology_SA_19_33"
      ],
      "score": 7.5,
      "services": [
        "2181/http"
      ],
      "severity": "high",
      "summary": "Some HTTP/2 implementations are vulnerable to unconstrained internal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually write (many of) the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the servers queue the responses, this can consume excess memory, CPU, or both.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-770"
    },
    "CVE-2019-9637": {
      "id": "CVE-2019-9637",
      "references": [
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://access.redhat.com/errata/RHSA-2019:3299",
        "https://bugs.php.net/bug.php?id=77630",
        "https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html",
        "https://security.netapp.com/advisory/ntap-20190502-0007/",
        "https://support.f5.com/csp/article/K53825211",
        "https://usn.ubuntu.com/3922-1/",
        "https://usn.ubuntu.com/3922-2/",
        "https://usn.ubuntu.com/3922-3/",
        "https://www.debian.org/security/2019/dsa-4403",
        "https://www.tenable.com/security/tns-2019-07",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://access.redhat.com/errata/RHSA-2019:3299",
        "https://bugs.php.net/bug.php?id=77630",
        "https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html",
        "https://security.netapp.com/advisory/ntap-20190502-0007/",
        "https://support.f5.com/csp/article/K53825211",
        "https://usn.ubuntu.com/3922-1/",
        "https://usn.ubuntu.com/3922-2/",
        "https://usn.ubuntu.com/3922-3/",
        "https://www.debian.org/security/2019/dsa-4403",
        "https://www.tenable.com/security/tns-2019-07"
      ],
      "score": 7.5,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented, it is possible that the file being renamed is briefly available with the wrong permissions while the rename is ongoing, thus enabling unauthorized users to access the data.",
      "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "weakness": "CWE-264"
    },
    "CVE-2019-9638": {
      "id": "CVE-2019-9638",
      "references": [
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://access.redhat.com/errata/RHSA-2019:3299",
        "https://bugs.php.net/bug.php?id=77563",
        "https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html",
        "https://security.netapp.com/advisory/ntap-20190502-0007/",
        "https://usn.ubuntu.com/3922-1/",
        "https://usn.ubuntu.com/3922-2/",
        "https://usn.ubuntu.com/3922-3/",
        "https://www.debian.org/security/2019/dsa-4403",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://access.redhat.com/errata/RHSA-2019:3299",
        "https://bugs.php.net/bug.php?id=77563",
        "https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html",
        "https://security.netapp.com/advisory/ntap-20190502-0007/",
        "https://usn.ubuntu.com/3922-1/",
        "https://usn.ubuntu.com/3922-2/",
        "https://usn.ubuntu.com/3922-3/",
        "https://www.debian.org/security/2019/dsa-4403"
      ],
      "score": 7.5,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the maker_note->offset relationship to value_len.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "weakness": "CWE-125"
    },
    "CVE-2019-9639": {
      "id": "CVE-2019-9639",
      "references": [
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://access.redhat.com/errata/RHSA-2019:3299",
        "https://bugs.php.net/bug.php?id=77659",
        "https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html",
        "https://security.netapp.com/advisory/ntap-20190502-0007/",
        "https://usn.ubuntu.com/3922-1/",
        "https://usn.ubuntu.com/3922-2/",
        "https://usn.ubuntu.com/3922-3/",
        "https://www.debian.org/security/2019/dsa-4403",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html",
        "https://access.redhat.com/errata/RHSA-2019:2519",
        "https://access.redhat.com/errata/RHSA-2019:3299",
        "https://bugs.php.net/bug.php?id=77659",
        "https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html",
        "https://security.netapp.com/advisory/ntap-20190502-0007/",
        "https://usn.ubuntu.com/3922-1/",
        "https://usn.ubuntu.com/3922-2/",
        "https://usn.ubuntu.com/3922-3/",
        "https://www.debian.org/security/2019/dsa-4403"
      ],
      "score": 7.5,
      "services": [
        "443/http"
      ],
      "severity": "high",
      "summary": "An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the data_len variable.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "weakness": "CWE-908"
    },
    "CVE-2019-9641": {
      "id": "CVE-2019-9641",
      "references": [
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html",
        "https://bugs.php.net/bug.php?id=77509",
        "https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html",
        "https://security.netapp.com/advisory/ntap-20190502-0007/",
        "https://usn.ubuntu.com/3922-1/",
        "https://usn.ubuntu.com/3922-2/",
        "https://usn.ubuntu.com/3922-3/",
        "https://www.debian.org/security/2019/dsa-4403",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html",
        "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html",
        "https://bugs.php.net/bug.php?id=77509",
        "https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html",
        "https://security.netapp.com/advisory/ntap-20190502-0007/",
        "https://usn.ubuntu.com/3922-1/",
        "https://usn.ubuntu.com/3922-2/",
        "https://usn.ubuntu.com/3922-3/",
        "https://www.debian.org/security/2019/dsa-4403"
      ],
      "score": 9.8,
      "services": [
        "443/http"
      ],
      "severity": "critical",
      "summary": "An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_TIFF.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-908"
    },
    "CVE-2020-11984": {
      "id": "CVE-2020-11984",
      "references": [
        "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00068.html",
        "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00071.html",
        "http://packetstormsecurity.com/files/159009/Apache2-mod_proxy_uwsgi-Incorrect-Request-Handling.html",
        "http://www.openwall.com/lists/oss-security/2020/08/08/1",
        "http://www.openwall.com/lists/oss-security/2020/08/08/10",
        "http://www.openwall.com/lists/oss-security/2020/08/08/8",
        "http://www.openwall.com/lists/oss-security/2020/08/08/9",
        "http://www.openwall.com/lists/oss-security/2020/08/10/5",
        "http://www.openwall.com/lists/oss-security/2020/08/17/2",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r2c6083f6a2027914a0f5b54e2a1f4fa98c03f8693b58460911818255%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r34753590ae8e3f2b6af689af4fe84269b592f5fda9f3244fd9abbce8%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r5debe8f82728a00a4a68bc904dd6c35423bdfc8d601cfb4579f38bf1%40%3Cdev.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r623de9b2b2433a87f3f3a15900419fc9c00c77b26936dfea4060f672%40%3Cdev.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rf71eb428714374a6f9ad68952e23611ec7807b029fd6a1b4f5f732d9%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.debian.org/debian-lts-announce/2020/09/msg00001.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/",
        "https://security.gentoo.org/glsa/202008-04",
        "https://security.netapp.com/advisory/ntap-20200814-0005/",
        "https://usn.ubuntu.com/4458-1/",
        "https://www.debian.org/security/2020/dsa-4757",
        "https://www.oracle.com/security-alerts/cpujan2021.html",
        "https://www.oracle.com/security-alerts/cpuoct2020.html"
      ],
      "score": 9.8,
      "services": [
        "2181/http"
      ],
      "severity": "critical",
      "summary": "Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-120"
    },
    "CVE-2020-11993": {
      "id": "CVE-2020-11993",
      "references": [
        "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00068.html",
        "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00071.html",
        "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00081.html",
        "http://packetstormsecurity.com/files/160393/Apache-2-HTTP2-Module-Concurrent-Pool-Usage.html",
        "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11993",
        "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r2c6083f6a2027914a0f5b54e2a1f4fa98c03f8693b58460911818255%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r5debe8f82728a00a4a68bc904dd6c35423bdfc8d601cfb4579f38bf1%40%3Cdev.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r623de9b2b2433a87f3f3a15900419fc9c00c77b26936dfea4060f672%40%3Cdev.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r9e9f1a7609760f0f80562eaaec2aa3c32d525c3e0fca98b475240c71%40%3Cdev.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rf71eb428714374a6f9ad68952e23611ec7807b029fd6a1b4f5f732d9%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4NKWG2EXAQQB6LMLATKZ7KLSRGCSHVAN/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVFDBVM6E3JF3O7RYLRPRCH3RDRHJJY/",
        "https://security.gentoo.org/glsa/202008-04",
        "https://security.netapp.com/advisory/ntap-20200814-0005/",
        "https://usn.ubuntu.com/4458-1/",
        "https://www.debian.org/security/2020/dsa-4757",
        "https://www.oracle.com/security-alerts/cpujan2021.html",
        "https://www.oracle.com/security-alerts/cpuoct2020.html"
      ],
      "score": 7.5,
      "services": [
        "2181/http"
      ],
      "severity": "high",
      "summary": "Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of mod_http2 above \"info\" will mitigate this vulnerability for unpatched servers.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-444"
    },
    "CVE-2020-13938": {
      "id": "CVE-2020-13938",
      "references": [
        "http://httpd.apache.org/security/vulnerabilities_24.html",
        "http://www.openwall.com/lists/oss-security/2021/06/10/3",
        "https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
        "https://lists.apache.org/thread.html/r5fdc4fbbc7ddb816c843329a9accdcf284ade86e8d77b8c2a6d9bc30%40%3Cannounce.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
        "https://security.netapp.com/advisory/ntap-20210702-0001/",
        "http://httpd.apache.org/security/vulnerabilities_24.html",
        "http://www.openwall.com/lists/oss-security/2021/06/10/3",
        "https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
        "https://lists.apache.org/thread.html/r5fdc4fbbc7ddb816c843329a9accdcf284ade86e8d77b8c2a6d9bc30%40%3Cannounce.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
        "https://security.netapp.com/advisory/ntap-20210702-0001/"
      ],
      "score": 5.5,
      "services": [
        "2181/http"
      ],
      "severity": "medium",
      "summary": "Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users can stop httpd on Windows",
      "vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-862"
    },
    "CVE-2020-1927": {
      "id": "CVE-2020-1927",
      "references": [
        "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html",
        "http://www.openwall.com/lists/oss-security/2020/04/03/1",
        "http://www.openwall.com/lists/oss-security/2020/04/04/1",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac%40%3Cdev.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201%40%3Cdev.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r6a4146bf3d1645af2880f8b7a4fd8afd696d5fd4a3ae272f49f5dc84%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r731d43caece41d78d8c6304641a02a369fd78300e7ffaf566b06bc59%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/",
        "https://security.netapp.com/advisory/ntap-20200413-0002/",
        "https://usn.ubuntu.com/4458-1/",
        "https://www.debian.org/security/2020/dsa-4757",
        "https://www.oracle.com/security-alerts/cpuApr2021.html",
        "https://www.oracle.com/security-alerts/cpujul2020.html",
        "https://www.oracle.com/security-alerts/cpujul2022.html",
        "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html",
        "http://www.openwall.com/lists/oss-security/2020/04/03/1",
        "http://www.openwall.com/lists/oss-security/2020/04/04/1",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac%40%3Cdev.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201%40%3Cdev.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r6a4146bf3d1645af2880f8b7a4fd8afd696d5fd4a3ae272f49f5dc84%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r731d43caece41d78d8c6304641a02a369fd78300e7ffaf566b06bc59%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/",
        "https://security.netapp.com/advisory/ntap-20200413-0002/",
        "https://usn.ubuntu.com/4458-1/",
        "https://www.debian.org/security/2020/dsa-4757",
        "https://www.oracle.com/security-alerts/cpuApr2021.html",
        "https://www.oracle.com/security-alerts/cpujul2020.html",
        "https://www.oracle.com/security-alerts/cpujul2022.html"
      ],
      "score": 6.1,
      "services": [
        "2181/http"
      ],
      "severity": "medium",
      "summary": "In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "weakness": "CWE-601"
    },
    "CVE-2020-1934": {
      "id": "CVE-2020-1934",
      "references": [
        "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac%40%3Cdev.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r26706d75f6b9080ca6a29955aeb8de98ec71bbea6e9f05809c46bca4%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r33e626224386d2851a83c352f784ba90dedee5dc7fcfcc221d5d7527%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201%40%3Cdev.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/",
        "https://security.netapp.com/advisory/ntap-20200413-0002/",
        "https://usn.ubuntu.com/4458-1/",
        "https://www.debian.org/security/2020/dsa-4757",
        "https://www.oracle.com/security-alerts/cpujul2020.html",
        "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac%40%3Cdev.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r26706d75f6b9080ca6a29955aeb8de98ec71bbea6e9f05809c46bca4%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r33e626224386d2851a83c352f784ba90dedee5dc7fcfcc221d5d7527%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201%40%3Cdev.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/",
        "https://security.netapp.com/advisory/ntap-20200413-0002/",
        "https://usn.ubuntu.com/4458-1/",
        "https://www.debian.org/security/2020/dsa-4757",
        "https://www.oracle.com/security-alerts/cpujul2020.html"
      ],
      "score": 5.3,
      "services": [
        "2181/http"
      ],
      "severity": "medium",
      "summary": "In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "weakness": "CWE-908"
    },
    "CVE-2020-35452": {
      "id": "CVE-2020-35452",
      "references": [
        "http://httpd.apache.org/security/vulnerabilities_24.html",
        "http://www.openwall.com/lists/oss-security/2021/06/10/5",
        "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rccb1b8225583a48c6360edc7a93cc97ae8b0215791e455dc607e7602%40%3Cannounce.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
        "https://security.gentoo.org/glsa/202107-38",
        "https://security.netapp.com/advisory/ntap-20210702-0001/",
        "https://www.debian.org/security/2021/dsa-4937",
        "https://www.oracle.com/security-alerts/cpuoct2021.html",
        "http://httpd.apache.org/security/vulnerabilities_24.html",
        "http://www.openwall.com/lists/oss-security/2021/06/10/5",
        "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rccb1b8225583a48c6360edc7a93cc97ae8b0215791e455dc607e7602%40%3Cannounce.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
        "https://security.gentoo.org/glsa/202107-38",
        "https://security.netapp.com/advisory/ntap-20210702-0001/",
        "https://www.debian.org/security/2021/dsa-4937",
        "https://www.oracle.com/security-alerts/cpuoct2021.html"
      ],
      "score": 7.3,
      "services": [
        "2181/http"
      ],
      "severity": "high",
      "summary": "Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
      "weakness": "CWE-787"
    },
    "CVE-2020-9490": {
      "id": "CVE-2020-9490",
      "references": [
        "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00068.html",
        "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00071.html",
        "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00081.html",
        "http://packetstormsecurity.com/files/160392/Apache-2.4.43-mod_http2-Memory-Corruption.html",
        "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-9490",
        "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r0b6541c5fb2f8fb383861333400add7def625bc993300300de0b4f8d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r5debe8f82728a00a4a68bc904dd6c35423bdfc8d601cfb4579f38bf1%40%3Cdev.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r623de9b2b2433a87f3f3a15900419fc9c00c77b26936dfea4060f672%40%3Cdev.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r97d0faab6ed8fd0d439234b16d05d77b22a07b0c4817e7b3cca419cc%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r9e485ce5a01c9dc3d4d785a7d28aa7400ead1e81884034ff1f03cfee%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r9e9f1a7609760f0f80562eaaec2aa3c32d525c3e0fca98b475240c71%40%3Cdev.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/ra4da876037477c06f2677d7a1e10b5a8613000fca99c813958070fe9%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rfed9fea918e090383da33e393eb6c2755fccf05032bd7d6eb4737c9e%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4NKWG2EXAQQB6LMLATKZ7KLSRGCSHVAN/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVFDBVM6E3JF3O7RYLRPRCH3RDRHJJY/",
        "https://security.gentoo.org/glsa/202008-04",
        "https://security.netapp.com/advisory/ntap-20200814-0005/",
        "https://usn.ubuntu.com/4458-1/",
        "https://www.debian.org/security/2020/dsa-4757",
        "https://www.oracle.com/security-alerts/cpujan2021.html",
        "https://www.oracle.com/security-alerts/cpuoct2020.html"
      ],
      "score": 7.5,
      "services": [
        "2181/http"
      ],
      "severity": "high",
      "summary": "Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via \"H2Push off\" will mitigate this vulnerability for unpatched servers.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-444"
    },
    "CVE-2021-26690": {
      "id": "CVE-2021-26690",
      "references": [
        "http://httpd.apache.org/security/vulnerabilities_24.html",
        "http://www.openwall.com/lists/oss-security/2021/06/10/6",
        "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rae406c1d19c0dfd3103c96923dadac2af1cd0bad6905ab1ede153865%40%3Cannounce.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
        "https://security.gentoo.org/glsa/202107-38",
        "https://security.netapp.com/advisory/ntap-20210702-0001/",
        "https://www.debian.org/security/2021/dsa-4937",
        "https://www.oracle.com/security-alerts/cpuoct2021.html",
        "http://httpd.apache.org/security/vulnerabilities_24.html",
        "http://www.openwall.com/lists/oss-security/2021/06/10/6",
        "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rae406c1d19c0dfd3103c96923dadac2af1cd0bad6905ab1ede153865%40%3Cannounce.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
        "https://security.gentoo.org/glsa/202107-38",
        "https://security.netapp.com/advisory/ntap-20210702-0001/",
        "https://www.debian.org/security/2021/dsa-4937",
        "https://www.oracle.com/security-alerts/cpuoct2021.html"
      ],
      "score": 7.5,
      "services": [
        "2181/http"
      ],
      "severity": "high",
      "summary": "Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-476"
    },
    "CVE-2021-26691": {
      "id": "CVE-2021-26691",
      "references": [
        "http://httpd.apache.org/security/vulnerabilities_24.html",
        "http://www.openwall.com/lists/oss-security/2021/06/10/7",
        "https://lists.apache.org/thread.html/r50cae1b71f1e7421069036b213c26da7d8f47dd59874e3bd956959fe%40%3Cannounce.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
        "https://security.gentoo.org/glsa/202107-38",
        "https://security.netapp.com/advisory/ntap-20210702-0001/",
        "https://www.debian.org/security/2021/dsa-4937",
        "https://www.oracle.com/security-alerts/cpujan2022.html",
        "https://www.oracle.com/security-alerts/cpuoct2021.html",
        "http://httpd.apache.org/security/vulnerabilities_24.html",
        "http://www.openwall.com/lists/oss-security/2021/06/10/7",
        "https://lists.apache.org/thread.html/r50cae1b71f1e7421069036b213c26da7d8f47dd59874e3bd956959fe%40%3Cannounce.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
        "https://security.gentoo.org/glsa/202107-38",
        "https://security.netapp.com/advisory/ntap-20210702-0001/",
        "https://www.debian.org/security/2021/dsa-4937",
        "https://www.oracle.com/security-alerts/cpujan2022.html",
        "https://www.oracle.com/security-alerts/cpuoct2021.html"
      ],
      "score": 9.8,
      "services": [
        "2181/http"
      ],
      "severity": "critical",
      "summary": "In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-122"
    },
    "CVE-2021-33193": {
      "id": "CVE-2021-33193",
      "references": [
        "https://github.com/apache/httpd/commit/ecebcc035ccd8d0e2984fe41420d9e944f456b3c.patch",
        "https://lists.apache.org/thread.html/re4162adc051c1a0a79e7a24093f3776373e8733abaff57253fef341d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/ree7519d71415ecdd170ff1889cab552d71758d2ba2904a17ded21a70%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.debian.org/debian-lts-announce/2023/03/msg00002.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSM6UWQICBJ2TU727RENU3HBKEAFLT6T/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EUVJVRJRBW5QVX4OY3NOHZDQ3B3YOTSG/",
        "https://portswigger.net/research/http2",
        "https://security.gentoo.org/glsa/202208-20",
        "https://security.netapp.com/advisory/ntap-20210917-0004/",
        "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ",
        "https://www.oracle.com/security-alerts/cpuapr2022.html",
        "https://www.oracle.com/security-alerts/cpujan2022.html",
        "https://www.tenable.com/security/tns-2021-17"
      ],
      "score": 7.5,
      "services": [
        "2181/http"
      ],
      "severity": "high",
      "summary": "A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "weakness": "NVD-CWE-Other"
    },
    "CVE-2021-34798": {
      "id": "CVE-2021-34798",
      "references": [
        "http://httpd.apache.org/security/vulnerabilities_24.html",
        "https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf",
        "https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
        "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E",
        "https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
        "https://security.gentoo.org/glsa/202208-20",
        "https://security.netapp.com/advisory/ntap-20211008-0004/",
        "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ",
        "https://www.debian.org/security/2021/dsa-4982",
        "https://www.oracle.com/security-alerts/cpuapr2022.html",
        "https://www.oracle.com/security-alerts/cpujan2022.html",
        "https://www.tenable.com/security/tns-2021-17",
        "http://httpd.apache.org/security/vulnerabilities_24.html",
        "https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf",
        "https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
        "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E",
        "https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
        "https://security.gentoo.org/glsa/202208-20",
        "https://security.netapp.com/advisory/ntap-20211008-0004/",
        "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ",
        "https://www.debian.org/security/2021/dsa-4982",
        "https://www.oracle.com/security-alerts/cpuapr2022.html",
        "https://www.oracle.com/security-alerts/cpujan2022.html",
        "https://www.tenable.com/security/tns-2021-17"
      ],
      "score": 7.5,
      "services": [
        "2181/http"
      ],
      "severity": "high",
      "summary": "Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-476"
    },
    "CVE-2021-36160": {
      "id": "CVE-2021-36160",
      "references": [
        "http://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37%40%3Cbugs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r73260f6ba9fb52e43d860905fc90462ba5a814afda2d011f32bbd41c%40%3Cbugs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r7f2746e916ed370239bc1a1025e5ebbf345f79df9ea0ea39e44acfbb%40%3Cbugs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r94a61a1517133a19dcf40016e87454ea86e355d06a0cec4c778530f3%40%3Cbugs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/ra1c05a392587bfe34383dffe1213edc425de8d4afc25b7cefab3e781%40%3Cbugs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/ra87a69d0703d09dc52b86e32b08f8d7327af10acdd5f577a4e82596a%40%3Cbugs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rb2341c8786d0f9924f5b666e82d8d170b4804f50a523d750551bef1a%40%3Cbugs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/re4162adc051c1a0a79e7a24093f3776373e8733abaff57253fef341d%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/ree7519d71415ecdd170ff1889cab552d71758d2ba2904a17ded21a70%40%3Ccvs.httpd.apache.org%3E",
        "https://lists.debian.org/debian-lts-announce/2021/09/msg00016.html",
        "https://lists.debian.org/debian-lts-announce/2021/10/msg00016.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
        "https://security.gentoo.org/glsa/202208-20",
        "https://security.netapp.com/advisory/ntap-20211008-0004/",
        "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ",
        "https://www.debian.org/security/2021/dsa-4982",
        "https://www.oracle.com/security-alerts/cpuapr2022.html",
        "https://www.oracle.com/security-alerts/cpujan2022.html"
      ],
      "score": 7.5,
      "services": [
        "2181/http"
      ],
      "severity": "high",
      "summary": "A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive).",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-125"
    },
    "CVE-2021-39275": {
      "id": "CVE-2021-39275",
      "references": [
        "https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E",
        "https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
        "https://security.gentoo.org/glsa/202208-20",
        "https://security.netapp.com/advisory/ntap-20211008-0004/",
        "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ",
        "https://www.debian.org/security/2021/dsa-4982",
        "https://www.oracle.com/security-alerts/cpuapr2022.html",
        "https://www.oracle.com/security-alerts/cpujan2022.html",
        "https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E",
        "https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
        "https://security.gentoo.org/glsa/202208-20",
        "https://security.netapp.com/advisory/ntap-20211008-0004/",
        "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ",
        "https://www.debian.org/security/2021/dsa-4982",
        "https://www.oracle.com/security-alerts/cpuapr2022.html",
        "https://www.oracle.com/security-alerts/cpujan2022.html"
      ],
      "score": 9.8,
      "services": [
        "2181/http"
      ],
      "severity": "critical",
      "summary": "ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-787"
    },
    "CVE-2021-40438": {
      "id": "CVE-2021-40438",
      "references": [
        "https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.apache.org/thread.html/r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a%40%3Cusers.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37%40%3Cbugs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00%40%3Cusers.httpd.apache.org%3E",
        "https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
        "https://security.gentoo.org/glsa/202208-20",
        "https://security.netapp.com/advisory/ntap-20211008-0004/",
        "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ",
        "https://www.debian.org/security/2021/dsa-4982",
        "https://www.oracle.com/security-alerts/cpuapr2022.html",
        "https://www.oracle.com/security-alerts/cpujan2022.html",
        "https://www.tenable.com/security/tns-2021-17",
        "https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.apache.org/thread.html/r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a%40%3Cusers.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37%40%3Cbugs.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E",
        "https://lists.apache.org/thread.html/rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00%40%3Cusers.httpd.apache.org%3E",
        "https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/",
        "https://security.gentoo.org/glsa/202208-20",
        "https://security.netapp.com/advisory/ntap-20211008-0004/",
        "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ",
        "https://www.debian.org/security/2021/dsa-4982",
        "https://www.oracle.com/security-alerts/cpuapr2022.html",
        "https://www.oracle.com/security-alerts/cpujan2022.html",
        "https://www.tenable.com/security/tns-2021-17"
      ],
      "score": 9,
      "services": [
        "2181/http"
      ],
      "severity": "critical",
      "summary": "A crafted request uri-path can cause mod_proxy to forward the request to an origin server chosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.",
      "vector_string": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
      "weakness": "CWE-918"
    },
    "CVE-2021-44224": {
      "id": "CVE-2021-44224",
      "references": [
        "http://httpd.apache.org/security/vulnerabilities_24.html",
        "http://seclists.org/fulldisclosure/2022/May/33",
        "http://seclists.org/fulldisclosure/2022/May/35",
        "http://seclists.org/fulldisclosure/2022/May/38",
        "http://www.openwall.com/lists/oss-security/2021/12/20/3",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
        "https://security.gentoo.org/glsa/202208-20",
        "https://security.netapp.com/advisory/ntap-20211224-0001/",
        "https://support.apple.com/kb/HT213255",
        "https://support.apple.com/kb/HT213256",
        "https://support.apple.com/kb/HT213257",
        "https://www.debian.org/security/2022/dsa-5035",
        "https://www.oracle.com/security-alerts/cpuapr2022.html",
        "https://www.oracle.com/security-alerts/cpujan2022.html",
        "https://www.tenable.com/security/tns-2022-01",
        "https://www.tenable.com/security/tns-2022-03",
        "http://httpd.apache.org/security/vulnerabilities_24.html",
        "http://seclists.org/fulldisclosure/2022/May/33",
        "http://seclists.org/fulldisclosure/2022/May/35",
        "http://seclists.org/fulldisclosure/2022/May/38",
        "http://www.openwall.com/lists/oss-security/2021/12/20/3",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
        "https://security.gentoo.org/glsa/202208-20",
        "https://security.netapp.com/advisory/ntap-20211224-0001/",
        "https://support.apple.com/kb/HT213255",
        "https://support.apple.com/kb/HT213256",
        "https://support.apple.com/kb/HT213257",
        "https://www.debian.org/security/2022/dsa-5035",
        "https://www.oracle.com/security-alerts/cpuapr2022.html",
        "https://www.oracle.com/security-alerts/cpujan2022.html",
        "https://www.tenable.com/security/tns-2022-01",
        "https://www.tenable.com/security/tns-2022-03"
      ],
      "score": 8.2,
      "services": [
        "2181/http"
      ],
      "severity": "high",
      "summary": "A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included).",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
      "weakness": "CWE-476"
    },
    "CVE-2021-44790": {
      "id": "CVE-2021-44790",
      "references": [
        "http://httpd.apache.org/security/vulnerabilities_24.html",
        "http://packetstormsecurity.com/files/171631/Apache-2.4.x-Buffer-Overflow.html",
        "http://seclists.org/fulldisclosure/2022/May/33",
        "http://seclists.org/fulldisclosure/2022/May/35",
        "http://seclists.org/fulldisclosure/2022/May/38",
        "http://www.openwall.com/lists/oss-security/2021/12/20/4",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
        "https://security.gentoo.org/glsa/202208-20",
        "https://security.netapp.com/advisory/ntap-20211224-0001/",
        "https://support.apple.com/kb/HT213255",
        "https://support.apple.com/kb/HT213256",
        "https://support.apple.com/kb/HT213257",
        "https://www.debian.org/security/2022/dsa-5035",
        "https://www.oracle.com/security-alerts/cpuapr2022.html",
        "https://www.oracle.com/security-alerts/cpujan2022.html",
        "https://www.tenable.com/security/tns-2022-01",
        "https://www.tenable.com/security/tns-2022-03",
        "http://httpd.apache.org/security/vulnerabilities_24.html",
        "http://packetstormsecurity.com/files/171631/Apache-2.4.x-Buffer-Overflow.html",
        "http://seclists.org/fulldisclosure/2022/May/33",
        "http://seclists.org/fulldisclosure/2022/May/35",
        "http://seclists.org/fulldisclosure/2022/May/38",
        "http://www.openwall.com/lists/oss-security/2021/12/20/4",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
        "https://security.gentoo.org/glsa/202208-20",
        "https://security.netapp.com/advisory/ntap-20211224-0001/",
        "https://support.apple.com/kb/HT213255",
        "https://support.apple.com/kb/HT213256",
        "https://support.apple.com/kb/HT213257",
        "https://www.debian.org/security/2022/dsa-5035",
        "https://www.oracle.com/security-alerts/cpuapr2022.html",
        "https://www.oracle.com/security-alerts/cpujan2022.html",
        "https://www.tenable.com/security/tns-2022-01",
        "https://www.tenable.com/security/tns-2022-03"
      ],
      "score": 9.8,
      "services": [
        "2181/http"
      ],
      "severity": "critical",
      "summary": "A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerability though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-787"
    },
    "CVE-2022-22719": {
      "id": "CVE-2022-22719",
      "references": [
        "http://seclists.org/fulldisclosure/2022/May/33",
        "http://seclists.org/fulldisclosure/2022/May/35",
        "http://seclists.org/fulldisclosure/2022/May/38",
        "http://www.openwall.com/lists/oss-security/2022/03/14/4",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
        "https://security.gentoo.org/glsa/202208-20",
        "https://security.netapp.com/advisory/ntap-20220321-0001/",
        "https://support.apple.com/kb/HT213255",
        "https://support.apple.com/kb/HT213256",
        "https://support.apple.com/kb/HT213257",
        "https://www.oracle.com/security-alerts/cpuapr2022.html",
        "http://seclists.org/fulldisclosure/2022/May/33",
        "http://seclists.org/fulldisclosure/2022/May/35",
        "http://seclists.org/fulldisclosure/2022/May/38",
        "http://www.openwall.com/lists/oss-security/2022/03/14/4",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
        "https://security.gentoo.org/glsa/202208-20",
        "https://security.netapp.com/advisory/ntap-20220321-0001/",
        "https://support.apple.com/kb/HT213255",
        "https://support.apple.com/kb/HT213256",
        "https://support.apple.com/kb/HT213257",
        "https://www.oracle.com/security-alerts/cpuapr2022.html"
      ],
      "score": 7.5,
      "services": [
        "2181/http"
      ],
      "severity": "high",
      "summary": "A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-665"
    },
    "CVE-2022-22720": {
      "id": "CVE-2022-22720",
      "references": [
        "http://seclists.org/fulldisclosure/2022/May/33",
        "http://seclists.org/fulldisclosure/2022/May/35",
        "http://seclists.org/fulldisclosure/2022/May/38",
        "http://www.openwall.com/lists/oss-security/2022/03/14/3",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
        "https://security.gentoo.org/glsa/202208-20",
        "https://security.netapp.com/advisory/ntap-20220321-0001/",
        "https://support.apple.com/kb/HT213255",
        "https://support.apple.com/kb/HT213256",
        "https://support.apple.com/kb/HT213257",
        "https://www.oracle.com/security-alerts/cpuapr2022.html",
        "https://www.oracle.com/security-alerts/cpujul2022.html",
        "http://seclists.org/fulldisclosure/2022/May/33",
        "http://seclists.org/fulldisclosure/2022/May/35",
        "http://seclists.org/fulldisclosure/2022/May/38",
        "http://www.openwall.com/lists/oss-security/2022/03/14/3",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
        "https://security.gentoo.org/glsa/202208-20",
        "https://security.netapp.com/advisory/ntap-20220321-0001/",
        "https://support.apple.com/kb/HT213255",
        "https://support.apple.com/kb/HT213256",
        "https://support.apple.com/kb/HT213257",
        "https://www.oracle.com/security-alerts/cpuapr2022.html",
        "https://www.oracle.com/security-alerts/cpujul2022.html"
      ],
      "score": 9.8,
      "services": [
        "2181/http"
      ],
      "severity": "critical",
      "summary": "Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-444"
    },
    "CVE-2022-22721": {
      "id": "CVE-2022-22721",
      "references": [
        "http://seclists.org/fulldisclosure/2022/May/33",
        "http://seclists.org/fulldisclosure/2022/May/35",
        "http://seclists.org/fulldisclosure/2022/May/38",
        "http://www.openwall.com/lists/oss-security/2022/03/14/2",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
        "https://security.gentoo.org/glsa/202208-20",
        "https://security.netapp.com/advisory/ntap-20220321-0001/",
        "https://support.apple.com/kb/HT213255",
        "https://support.apple.com/kb/HT213256",
        "https://support.apple.com/kb/HT213257",
        "https://www.oracle.com/security-alerts/cpuapr2022.html",
        "https://www.oracle.com/security-alerts/cpujul2022.html",
        "http://seclists.org/fulldisclosure/2022/May/33",
        "http://seclists.org/fulldisclosure/2022/May/35",
        "http://seclists.org/fulldisclosure/2022/May/38",
        "http://www.openwall.com/lists/oss-security/2022/03/14/2",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
        "https://security.gentoo.org/glsa/202208-20",
        "https://security.netapp.com/advisory/ntap-20220321-0001/",
        "https://support.apple.com/kb/HT213255",
        "https://support.apple.com/kb/HT213256",
        "https://support.apple.com/kb/HT213257",
        "https://www.oracle.com/security-alerts/cpuapr2022.html",
        "https://www.oracle.com/security-alerts/cpujul2022.html"
      ],
      "score": 9.1,
      "services": [
        "2181/http"
      ],
      "severity": "critical",
      "summary": "If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
      "weakness": "CWE-190"
    },
    "CVE-2022-23943": {
      "id": "CVE-2022-23943",
      "references": [
        "http://www.openwall.com/lists/oss-security/2022/03/14/1",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
        "https://security.gentoo.org/glsa/202208-20",
        "https://security.netapp.com/advisory/ntap-20220321-0001/",
        "https://www.oracle.com/security-alerts/cpuapr2022.html",
        "https://www.tenable.com/security/tns-2022-08",
        "https://www.tenable.com/security/tns-2022-09",
        "http://www.openwall.com/lists/oss-security/2022/03/14/1",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/",
        "https://security.gentoo.org/glsa/202208-20",
        "https://security.netapp.com/advisory/ntap-20220321-0001/",
        "https://www.oracle.com/security-alerts/cpuapr2022.html",
        "https://www.tenable.com/security/tns-2022-08",
        "https://www.tenable.com/security/tns-2022-09"
      ],
      "score": 9.8,
      "services": [
        "2181/http"
      ],
      "severity": "critical",
      "summary": "Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. This issue affects Apache HTTP Server 2.4 version 2.4.52 and prior versions.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-190"
    },
    "CVE-2022-26377": {
      "id": "CVE-2022-26377",
      "references": [
        "http://www.openwall.com/lists/oss-security/2022/06/08/2",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
        "https://security.gentoo.org/glsa/202208-20",
        "https://security.netapp.com/advisory/ntap-20220624-0005/",
        "http://www.openwall.com/lists/oss-security/2022/06/08/2",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
        "https://security.gentoo.org/glsa/202208-20",
        "https://security.netapp.com/advisory/ntap-20220624-0005/"
      ],
      "score": 7.5,
      "services": [
        "2181/http"
      ],
      "severity": "high",
      "summary": "Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server 2.4 version 2.4.53 and prior versions.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "weakness": "CWE-444"
    },
    "CVE-2022-28330": {
      "id": "CVE-2022-28330",
      "references": [
        "http://www.openwall.com/lists/oss-security/2022/06/08/3",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://security.netapp.com/advisory/ntap-20220624-0005/",
        "http://www.openwall.com/lists/oss-security/2022/06/08/3",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://security.netapp.com/advisory/ntap-20220624-0005/"
      ],
      "score": 5.3,
      "services": [
        "2181/http"
      ],
      "severity": "medium",
      "summary": "Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to process requests with the mod_isapi module.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "weakness": "CWE-125"
    },
    "CVE-2022-28614": {
      "id": "CVE-2022-28614",
      "references": [
        "http://www.openwall.com/lists/oss-security/2022/06/08/4",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
        "https://security.gentoo.org/glsa/202208-20",
        "https://security.netapp.com/advisory/ntap-20220624-0005/",
        "http://www.openwall.com/lists/oss-security/2022/06/08/4",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
        "https://security.gentoo.org/glsa/202208-20",
        "https://security.netapp.com/advisory/ntap-20220624-0005/"
      ],
      "score": 5.3,
      "services": [
        "2181/http"
      ],
      "severity": "medium",
      "summary": "The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function. Modules compiled and distributed separately from Apache HTTP Server that use the 'ap_rputs' function and may pass it a very large (INT_MAX or larger) string must be compiled against current headers to resolve the issue.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "weakness": "CWE-190"
    },
    "CVE-2022-28615": {
      "id": "CVE-2022-28615",
      "references": [
        "http://www.openwall.com/lists/oss-security/2022/06/08/9",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
        "https://security.gentoo.org/glsa/202208-20",
        "https://security.netapp.com/advisory/ntap-20220624-0005/",
        "http://www.openwall.com/lists/oss-security/2022/06/08/9",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
        "https://security.gentoo.org/glsa/202208-20",
        "https://security.netapp.com/advisory/ntap-20220624-0005/"
      ],
      "score": 9.1,
      "services": [
        "2181/http"
      ],
      "severity": "critical",
      "summary": "Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use ap_strcmp_match() may hypothetically be affected.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
      "weakness": "CWE-190"
    },
    "CVE-2022-29404": {
      "id": "CVE-2022-29404",
      "references": [
        "http://www.openwall.com/lists/oss-security/2022/06/08/5",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
        "https://security.gentoo.org/glsa/202208-20",
        "https://security.netapp.com/advisory/ntap-20220624-0005/",
        "http://www.openwall.com/lists/oss-security/2022/06/08/5",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
        "https://security.gentoo.org/glsa/202208-20",
        "https://security.netapp.com/advisory/ntap-20220624-0005/"
      ],
      "score": 7.5,
      "services": [
        "2181/http"
      ],
      "severity": "high",
      "summary": "In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-770"
    },
    "CVE-2022-30556": {
      "id": "CVE-2022-30556",
      "references": [
        "http://www.openwall.com/lists/oss-security/2022/06/08/7",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
        "https://security.gentoo.org/glsa/202208-20",
        "https://security.netapp.com/advisory/ntap-20220624-0005/",
        "http://www.openwall.com/lists/oss-security/2022/06/08/7",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
        "https://security.gentoo.org/glsa/202208-20",
        "https://security.netapp.com/advisory/ntap-20220624-0005/"
      ],
      "score": 7.5,
      "services": [
        "2181/http"
      ],
      "severity": "high",
      "summary": "Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the buffer.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "weakness": "CWE-200"
    },
    "CVE-2022-31628": {
      "id": "CVE-2022-31628",
      "references": [
        "https://bugs.php.net/bug.php?id=81726",
        "https://lists.debian.org/debian-lts-announce/2022/12/msg00030.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2L5SUVYGAKSWODUQPZFBUB3AL6E6CSEV/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VI3E6A3ZTH2RP7OMLJHSVFIEQBIFM6RF/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNIEABBH5XCXLFWWZYIDE457SPEDZTXV/",
        "https://security.gentoo.org/glsa/202211-03",
        "https://security.netapp.com/advisory/ntap-20221209-0001/",
        "https://www.debian.org/security/2022/dsa-5277",
        "https://bugs.php.net/bug.php?id=81726",
        "https://lists.debian.org/debian-lts-announce/2022/12/msg00030.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2L5SUVYGAKSWODUQPZFBUB3AL6E6CSEV/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VI3E6A3ZTH2RP7OMLJHSVFIEQBIFM6RF/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNIEABBH5XCXLFWWZYIDE457SPEDZTXV/",
        "https://security.gentoo.org/glsa/202211-03",
        "https://security.netapp.com/advisory/ntap-20221209-0001/",
        "https://www.debian.org/security/2022/dsa-5277"
      ],
      "score": 2.3,
      "services": [
        "443/http"
      ],
      "severity": "low",
      "summary": "In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress \"quines\" gzip files, resulting in an infinite loop.",
      "vector_string": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
      "weakness": "CWE-674"
    },
    "CVE-2022-31629": {
      "id": "CVE-2022-31629",
      "references": [
        "http://www.openwall.com/lists/oss-security/2024/04/12/11",
        "https://bugs.php.net/bug.php?id=81727",
        "https://lists.debian.org/debian-lts-announce/2022/12/msg00030.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2L5SUVYGAKSWODUQPZFBUB3AL6E6CSEV/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJZK3X6B7FBE32FETDSMRLJXTFTHKWSY/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSJVPJTX7T3J5V7XHR4MFNHZGP44R5XE/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VI3E6A3ZTH2RP7OMLJHSVFIEQBIFM6RF/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNIEABBH5XCXLFWWZYIDE457SPEDZTXV/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZGWIK3HMBACERGB4TSBB2JUOMPYY2VKY/",
        "https://security.gentoo.org/glsa/202211-03",
        "https://security.netapp.com/advisory/ntap-20221209-0001/",
        "https://www.debian.org/security/2022/dsa-5277",
        "http://www.openwall.com/lists/oss-security/2024/04/12/11",
        "https://bugs.php.net/bug.php?id=81727",
        "https://lists.debian.org/debian-lts-announce/2022/12/msg00030.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2L5SUVYGAKSWODUQPZFBUB3AL6E6CSEV/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJZK3X6B7FBE32FETDSMRLJXTFTHKWSY/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSJVPJTX7T3J5V7XHR4MFNHZGP44R5XE/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VI3E6A3ZTH2RP7OMLJHSVFIEQBIFM6RF/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNIEABBH5XCXLFWWZYIDE457SPEDZTXV/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZGWIK3HMBACERGB4TSBB2JUOMPYY2VKY/",
        "https://security.gentoo.org/glsa/202211-03",
        "https://security.netapp.com/advisory/ntap-20221209-0001/",
        "https://www.debian.org/security/2022/dsa-5277"
      ],
      "score": 6.5,
      "services": [
        "443/http"
      ],
      "severity": "medium",
      "summary": "In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
      "weakness": "CWE-20"
    },
    "CVE-2022-31813": {
      "id": "CVE-2022-31813",
      "references": [
        "http://www.openwall.com/lists/oss-security/2022/06/08/8",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
        "https://security.gentoo.org/glsa/202208-20",
        "https://security.netapp.com/advisory/ntap-20220624-0005/",
        "http://www.openwall.com/lists/oss-security/2022/06/08/8",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/",
        "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/",
        "https://security.gentoo.org/glsa/202208-20",
        "https://security.netapp.com/advisory/ntap-20220624-0005/"
      ],
      "score": 9.8,
      "services": [
        "2181/http"
      ],
      "severity": "critical",
      "summary": "Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-348"
    },
    "CVE-2022-36760": {
      "id": "CVE-2022-36760",
      "references": [
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://security.gentoo.org/glsa/202309-01",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://security.gentoo.org/glsa/202309-01"
      ],
      "score": 9,
      "services": [
        "2181/http"
      ],
      "severity": "critical",
      "summary": "Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to.  This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.54 and prior versions.",
      "vector_string": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
      "weakness": "CWE-444"
    },
    "CVE-2022-37436": {
      "id": "CVE-2022-37436",
      "references": [
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://security.gentoo.org/glsa/202309-01",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://security.gentoo.org/glsa/202309-01"
      ],
      "score": 5.3,
      "services": [
        "2181/http"
      ],
      "severity": "medium",
      "summary": "Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the client.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "weakness": "CWE-113"
    },
    "CVE-2023-25690": {
      "id": "CVE-2023-25690",
      "references": [
        "http://packetstormsecurity.com/files/176334/Apache-2.4.55-mod_proxy-HTTP-Request-Smuggling.html",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.debian.org/debian-lts-announce/2023/04/msg00028.html",
        "https://security.gentoo.org/glsa/202309-01",
        "http://packetstormsecurity.com/files/176334/Apache-2.4.55-mod_proxy-HTTP-Request-Smuggling.html",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.debian.org/debian-lts-announce/2023/04/msg00028.html",
        "https://security.gentoo.org/glsa/202309-01"
      ],
      "score": 9.8,
      "services": [
        "2181/http"
      ],
      "severity": "critical",
      "summary": "Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack.\n\n\n\n\nConfigurations are affected when mod_proxy is enabled along with some form of RewriteRule\n or ProxyPassMatch in which a non-specific pattern matches\n some portion of the user-supplied request-target (URL) data and is then\n re-inserted into the proxied request-target using variable \nsubstitution. For example, something like:\n\n\n\n\nRewriteEngine on\nRewriteRule \"^/here/(.*)\" \"http://example.com:8080/elsewhere?$1\"; [P]\nProxyPassReverse /here/ http://example.com:8080/\n\n\nRequest splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-444"
    },
    "CVE-2023-27522": {
      "id": "CVE-2023-27522",
      "references": [
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.debian.org/debian-lts-announce/2023/04/msg00028.html",
        "https://security.gentoo.org/glsa/202309-01"
      ],
      "score": 7.5,
      "services": [
        "2181/http"
      ],
      "severity": "high",
      "summary": "HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55.nnSpecial characters in the origin response header can truncate/split the response forwarded to the client.nnn",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "weakness": "CWE-444"
    },
    "CVE-2023-31122": {
      "id": "CVE-2023-31122",
      "references": [
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html",
        "https://lists.fedoraproject.org/archives/list/[email protected]/message/TI3V2YCEUM65QDYPGGNUZ7UONIM5OEXC/",
        "https://lists.fedoraproject.org/archives/list/[email protected]/message/VZJTT5TEFNSBWVMKCLS6EZ7PI6EJYBCO/",
        "https://lists.fedoraproject.org/archives/list/[email protected]/message/ZFDNHDH4VLFGDPY6MEZV2RO5N5FLFONW/",
        "https://security.netapp.com/advisory/ntap-20231027-0011/",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html",
        "https://lists.fedoraproject.org/archives/list/[email protected]/message/TI3V2YCEUM65QDYPGGNUZ7UONIM5OEXC/",
        "https://lists.fedoraproject.org/archives/list/[email protected]/message/VZJTT5TEFNSBWVMKCLS6EZ7PI6EJYBCO/",
        "https://lists.fedoraproject.org/archives/list/[email protected]/message/ZFDNHDH4VLFGDPY6MEZV2RO5N5FLFONW/",
        "https://security.netapp.com/advisory/ntap-20231027-0011/"
      ],
      "score": 7.5,
      "services": [
        "2181/http"
      ],
      "severity": "high",
      "summary": "Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-125"
    },
    "CVE-2023-45802": {
      "id": "CVE-2023-45802",
      "references": [
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html",
        "https://lists.fedoraproject.org/archives/list/[email protected]/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/",
        "https://lists.fedoraproject.org/archives/list/[email protected]/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/",
        "https://lists.fedoraproject.org/archives/list/[email protected]/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/",
        "https://security.netapp.com/advisory/ntap-20231027-0011/"
      ],
      "score": 5.9,
      "services": [
        "2181/http"
      ],
      "severity": "medium",
      "summary": "When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that.nnThis was found by the reporter during testing ofxa0CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During \"normal\" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out.nnUsers are recommended to upgrade to version 2.4.58, which fixes the issue.n",
      "vector_string": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-770"
    },
    "CVE-2024-27316": {
      "id": "CVE-2024-27316",
      "references": [
        "http://seclists.org/fulldisclosure/2024/Jul/18",
        "http://www.openwall.com/lists/oss-security/2024/04/04/4",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://support.apple.com/kb/HT214119",
        "https://www.openwall.com/lists/oss-security/2024/04/03/16"
      ],
      "score": 7.5,
      "services": [
        "2181/http"
      ],
      "severity": "high",
      "summary": "HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-770"
    },
    "CVE-2024-38474": {
      "id": "CVE-2024-38474",
      "references": [
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://security.netapp.com/advisory/ntap-20240712-0001/",
        "http://www.openwall.com/lists/oss-security/2024/07/01/7",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://security.netapp.com/advisory/ntap-20240712-0001/"
      ],
      "score": 9.8,
      "services": [
        "2181/http"
      ],
      "severity": "critical",
      "summary": "Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in\ndirectories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI.\n\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.\n\nSome RewriteRules that capture and substitute unsafely will now fail unless rewrite flag \"UnsafeAllow3F\" is specified.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-116"
    },
    "CVE-2024-38476": {
      "id": "CVE-2024-38476",
      "references": [
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://security.netapp.com/advisory/ntap-20240712-0001/",
        "http://www.openwall.com/lists/oss-security/2024/07/01/9",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://security.netapp.com/advisory/ntap-20240712-0001/"
      ],
      "score": 9.8,
      "services": [
        "2181/http"
      ],
      "severity": "critical",
      "summary": "Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable.\n\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-829"
    },
    "CVE-2024-38477": {
      "id": "CVE-2024-38477",
      "references": [
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://security.netapp.com/advisory/ntap-20240712-0001/",
        "http://www.openwall.com/lists/oss-security/2024/07/01/10",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://security.netapp.com/advisory/ntap-20240712-0001/"
      ],
      "score": 7.5,
      "services": [
        "2181/http"
      ],
      "severity": "high",
      "summary": "null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request.\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "weakness": "CWE-476"
    },
    "CVE-2024-40898": {
      "id": "CVE-2024-40898",
      "references": [
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "http://www.openwall.com/lists/oss-security/2024/07/17/7",
        "https://httpd.apache.org/security/vulnerabilities_24.html",
        "https://security.netapp.com/advisory/ntap-20240808-0006/"
      ],
      "score": 7.5,
      "services": [
        "2181/http"
      ],
      "severity": "high",
      "summary": "SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests.\n\nUsers are recommended to upgrade to version 2.4.62 which fixes this issue. ",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "weakness": "CWE-918"
    },
    "CVE-2024-4577": {
      "id": "CVE-2024-4577",
      "references": [
        "http://www.openwall.com/lists/oss-security/2024/06/07/1",
        "https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/",
        "https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html",
        "https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately",
        "https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/",
        "https://github.com/11whoami99/CVE-2024-4577",
        "https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv",
        "https://github.com/rapid7/metasploit-framework/pull/19247",
        "https://github.com/watchtowrlabs/CVE-2024-4577",
        "https://github.com/xcanwin/CVE-2024-4577-PHP-RCE",
        "https://isc.sans.edu/diary/30994",
        "https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/",
        "https://lists.fedoraproject.org/archives/list/[email protected]/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/",
        "https://lists.fedoraproject.org/archives/list/[email protected]/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/",
        "https://security.netapp.com/advisory/ntap-20240621-0008/",
        "https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/",
        "https://www.php.net/ChangeLog-8.php#8.1.29",
        "https://www.php.net/ChangeLog-8.php#8.2.20",
        "https://www.php.net/ChangeLog-8.php#8.3.8",
        "http://www.openwall.com/lists/oss-security/2024/06/07/1",
        "https://arstechnica.com/security/2024/06/php-vulnerability-allows-attackers-to-run-malicious-code-on-windows-servers/",
        "https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html",
        "https://blog.talosintelligence.com/new-persistent-attacks-japan/",
        "https://cert.be/en/advisory/warning-php-remote-code-execution-patch-immediately",
        "https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/",
        "https://github.com/11whoami99/CVE-2024-4577",
        "https://github.com/php/php-src/security/advisories/GHSA-3qgc-jrrr-25jv",
        "https://github.com/rapid7/metasploit-framework/pull/19247",
        "https://github.com/watchtowrlabs/CVE-2024-4577",
        "https://github.com/xcanwin/CVE-2024-4577-PHP-RCE",
        "https://isc.sans.edu/diary/30994",
        "https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/",
        "https://lists.fedoraproject.org/archives/list/[email protected]/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/",
        "https://lists.fedoraproject.org/archives/list/[email protected]/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/",
        "https://security.netapp.com/advisory/ntap-20240621-0008/",
        "https://www.imperva.com/blog/imperva-protects-against-critical-php-vulnerability-cve-2024-4577/",
        "https://www.php.net/ChangeLog-8.php#8.1.29",
        "https://www.php.net/ChangeLog-8.php#8.2.20",
        "https://www.php.net/ChangeLog-8.php#8.3.8",
        "https://www.vicarius.io/vsociety/posts/php-cgi-argument-injection-to-rce-cve-2024-4577",
        "https://www.vicarius.io/vsociety/posts/php-cgi-os-command-injection-vulnerability-cve-2024-4577"
      ],
      "score": 9.8,
      "services": [
        "443/http"
      ],
      "severity": "critical",
      "summary": "In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use \"Best-Fit\" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.",
      "vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "weakness": "CWE-78"
    }
  }
}