Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

71 – 80 of 293 results

CVE-2021-34798

Medium priority
Fixed

Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.

1 affected packages

apache2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apache2 Fixed Fixed Fixed Fixed
Show less packages

CVE-2021-39191

Medium priority
Vulnerable

mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In versions prior to 2.4.9.4,...

1 affected packages

libapache2-mod-auth-openidc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libapache2-mod-auth-openidc Needs evaluation Needs evaluation Vulnerable Vulnerable Needs evaluation
Show less packages

CVE-2021-33193

Medium priority
Fixed

A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.

1 affected packages

apache2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apache2 Fixed Fixed Fixed Not affected
Show less packages

CVE-2021-3639

Medium priority

Some fixes available 9 of 10

A flaw was found in mod_auth_mellon where it does not sanitize logout URLs properly. This issue could be used by an attacker to facilitate phishing attacks by tricking users into visiting a trusted web application URL...

1 affected packages

libapache2-mod-auth-mellon

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libapache2-mod-auth-mellon Fixed Fixed Fixed Fixed Vulnerable
Show less packages

CVE-2021-32792

Low priority
Needs evaluation

mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In mod_auth_openidc before...

1 affected packages

libapache2-mod-auth-openidc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libapache2-mod-auth-openidc Not affected Not affected Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2021-32791

Low priority
Needs evaluation

mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In mod_auth_openidc before...

1 affected packages

libapache2-mod-auth-openidc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libapache2-mod-auth-openidc Not affected Not affected Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2021-32786

Medium priority
Vulnerable

mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In versions prior to 2.4.9,...

1 affected packages

libapache2-mod-auth-openidc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libapache2-mod-auth-openidc Not affected Not affected Not affected Not affected Vulnerable
Show less packages

CVE-2021-32785

Medium priority
Vulnerable

mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. When mod_auth_openidc versions...

1 affected packages

libapache2-mod-auth-openidc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libapache2-mod-auth-openidc Not affected Not affected Vulnerable Vulnerable Needs evaluation
Show less packages

CVE-2021-31618

Medium priority
Not affected

Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and...

1 affected packages

apache2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apache2 Not affected Not affected Not affected Not affected
Show less packages

CVE-2021-30641

Medium priority
Fixed

Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'

1 affected packages

apache2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apache2 Fixed Fixed Fixed Fixed
Show less packages
  1. Previous page
  2. 6
  3. 7
  4. 8
  5. 9
  6. 10
  7. Next page
Export to JSON