apache2 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the apache2 package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
L Incorrect Check of Function Return Value	<2.4.65-r0
L Improper Access Control	<2.4.64-r0
L Server-Side Request Forgery (SSRF)	<2.4.64-r0
L Improper Authentication	<2.4.64-r0
L Memory Leak	<2.4.64-r0
L Server-Side Request Forgery (SSRF)	<2.4.64-r0
L Reachable Assertion	<2.4.64-r0
L Improper Input Validation	<2.4.64-r0
L Improper Neutralization	<2.4.64-r0
H NULL Pointer Dereference	<2.4.60-r0
C CVE-2024-38476	<2.4.60-r0
L Improper Encoding or Escaping of Output	<2.4.60-r0
C Improper Encoding or Escaping of Output	<2.4.60-r0
C Insufficient Verification of Data Authenticity	<2.4.54-r0
H Allocation of Resources Without Limits or Throttling	<2.4.54-r0
L CVE-2024-24795	<2.4.59-r0
L Improper Encoding or Escaping of Output	<2.4.60-r0
M CVE-2024-40725	<2.4.62-r0
H NULL Pointer Dereference	<2.4.52-r0
L CVE-2024-39884	<2.4.61-r0
H Allocation of Resources Without Limits or Throttling	<2.4.54-r0
C Out-of-bounds Write	<2.4.52-r0
M Out-of-bounds Read	<2.4.54-r0
C Server-Side Request Forgery (SSRF)	<2.4.49-r0
L NULL Pointer Dereference	<2.4.60-r0
L Improper Input Validation	<2.4.60-r0
C HTTP Request Smuggling	<2.4.53-r0
C Out-of-bounds Write	<2.4.48-r0
C Out-of-bounds Write	<2.4.53-r0
C HTTP Request Smuggling	<2.4.55-r0
H Out-of-bounds Write	<2.4.48-r0
L CVE-2024-38472	<2.4.60-r0
M HTTP Response Splitting	<2.4.55-r0
H Resource Exhaustion	<2.4.58-r0
H Server-Side Request Forgery (SSRF)	<2.4.62-r0
C Integer Overflow or Wraparound	<2.4.53-r0
H NULL Pointer Dereference	<2.4.48-r0
H Improper Initialization	<2.4.53-r0
M Missing Authorization	<2.4.48-r0
H Out-of-bounds Read	<2.4.58-r0
C HTTP Request Smuggling	<2.4.56-r0
H Allocation of Resources Without Limits or Throttling	<2.4.59-r0
L CVE-2023-38709	<2.4.59-r0
H HTTP Request Smuggling	<2.4.56-r0
H CVE-2022-30556	<2.4.54-r0
H HTTP Request Smuggling	<2.4.54-r0
H NULL Pointer Dereference	<2.4.48-r0
M Improper Resource Shutdown or Release	<2.4.58-r0
H Out-of-bounds Write	<2.4.41-r0
H Race Condition	<2.4.39-r0
M CVE-2021-30641	<2.4.48-r0
C Integer Overflow or Wraparound	<2.4.54-r0
H Session Fixation	<2.4.38-r0
H Use After Free	<2.4.39-r0
M Integer Overflow or Wraparound	<2.4.54-r0
C Use After Free	<2.4.41-r0
M CVE-2018-11763	<2.4.35-r0
H Resource Exhaustion	<2.4.48-r0
H NULL Pointer Dereference	<2.4.48-r0
H NULL Pointer Dereference	<2.4.49-r0
M Use of Uninitialized Resource	<2.4.43-r0
M Open Redirect	<2.4.43-r0
C Buffer Overflow	<2.4.49-r0
C Directory Traversal	<2.4.51-r0
H Directory Traversal	<2.4.50-r0
H Out-of-bounds Write	<2.4.41-r0
H NULL Pointer Dereference	<2.4.50-r0
H Out-of-bounds Read	<2.4.49-r0
H HTTP Request Smuggling	<2.4.46-r0
C Buffer Overflow	<2.4.46-r0
H Out-of-bounds Write	<2.4.33-r0
H Allocation of Resources Without Limits or Throttling	<2.4.41-r0
M Use of Incorrectly-Resolved Name or Reference	<2.4.39-r0
C NULL Pointer Dereference	<2.4.26-r0
H NULL Pointer Dereference	<2.4.34-r0
M Use After Free	<2.4.39-r0
H HTTP Request Smuggling	<2.4.46-r0
H Resource Exhaustion	<2.4.34-r0
H CVE-2021-33193	<2.4.49-r0
C Improper Authentication	<2.4.33-r0
M Out-of-Bounds	<2.4.33-r0
M Open Redirect	<2.4.41-r0
H Improper Input Validation	<2.4.26-r0
C Improper Authentication	<2.4.26-r0
M Cross-site Scripting (XSS)	<2.4.41-r0
M Resource Exhaustion	<2.4.38-r0
H NULL Pointer Dereference	<2.4.26-r0
H CVE-2019-0190	<2.4.38-r0
H Out-of-bounds Read	<2.4.33-r0
H Improper Input Validation	<2.4.33-r0
M HTTP Request Smuggling	<2.4.39-r0
H CVE-2019-0215	<2.4.39-r0
M CVE-2018-1283	<2.4.33-r0
H Use After Free	<2.4.27-r1
M NULL Pointer Dereference	<2.4.33-r0
C Out-of-Bounds	<2.4.26-r0

Vulnerability

Vulnerable Version

Incorrect Check of Function Return Value

<2.4.65-r0