apache2 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the apache2 package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • H
Server-Side Request Forgery (SSRF)

<2.4.62-r0
  • M
CVE-2024-40725

<2.4.62-r0
  • L
CVE-2024-39884

<2.4.61-r0
  • C
Improper Encoding or Escaping of Output

<2.4.60-r0
  • L
CVE-2024-38472

<2.4.60-r0
  • H
NULL Pointer Dereference

<2.4.60-r0
  • L
Improper Input Validation

<2.4.60-r0
  • L
Improper Encoding or Escaping of Output

<2.4.60-r0
  • L
Improper Encoding or Escaping of Output

<2.4.60-r0
  • C
CVE-2024-38476

<2.4.60-r0
  • L
NULL Pointer Dereference

<2.4.60-r0
  • H
Resource Exhaustion

<2.4.58-r0
  • M
Improper Resource Shutdown or Release

<2.4.58-r0
  • L
CVE-2024-24795

<2.4.59-r0
  • C
Integer Overflow or Wraparound

<2.4.54-r0
  • M
HTTP Response Splitting

<2.4.55-r0
  • C
HTTP Request Smuggling

<2.4.55-r0
  • H
Out-of-bounds Read

<2.4.58-r0
  • H
Allocation of Resources Without Limits or Throttling

<2.4.59-r0
  • M
Integer Overflow or Wraparound

<2.4.54-r0
  • C
Insufficient Verification of Data Authenticity

<2.4.54-r0
  • C
HTTP Request Smuggling

<2.4.56-r0
  • H
HTTP Request Smuggling

<2.4.56-r0
  • H
Allocation of Resources Without Limits or Throttling

<2.4.54-r0
  • H
HTTP Request Smuggling

<2.4.54-r0
  • L
CVE-2023-38709

<2.4.59-r0
  • C
HTTP Request Smuggling

<2.4.53-r0
  • C
Integer Overflow or Wraparound

<2.4.53-r0
  • H
CVE-2022-30556

<2.4.54-r0
  • H
Allocation of Resources Without Limits or Throttling

<2.4.54-r0
  • H
Improper Initialization

<2.4.53-r0
  • C
Out-of-bounds Write

<2.4.52-r0
  • M
Out-of-bounds Read

<2.4.54-r0
  • C
Directory Traversal

<2.4.51-r0
  • C
Out-of-bounds Write

<2.4.53-r0
  • H
NULL Pointer Dereference

<2.4.48-r0
  • M
Missing Authorization

<2.4.48-r0
  • H
CVE-2021-33193

<2.4.49-r0
  • C
Server-Side Request Forgery (SSRF)

<2.4.49-r0
  • H
NULL Pointer Dereference

<2.4.52-r0
  • H
NULL Pointer Dereference

<2.4.50-r0
  • H
Directory Traversal

<2.4.50-r0
  • H
Resource Exhaustion

<2.4.48-r0
  • H
NULL Pointer Dereference

<2.4.48-r0
  • H
NULL Pointer Dereference

<2.4.49-r0
  • H
Out-of-bounds Read

<2.4.49-r0
  • C
Buffer Overflow

<2.4.49-r0
  • C
Out-of-bounds Write

<2.4.48-r0
  • C
Buffer Overflow

<2.4.46-r0
  • H
NULL Pointer Dereference

<2.4.48-r0
  • H
Out-of-bounds Write

<2.4.48-r0
  • M
CVE-2021-30641

<2.4.48-r0
  • M
Open Redirect

<2.4.43-r0
  • M
Use of Uninitialized Resource

<2.4.43-r0
  • H
Out-of-bounds Write

<2.4.41-r0
  • H
HTTP Request Smuggling

<2.4.46-r0
  • C
Use After Free

<2.4.41-r0
  • M
Open Redirect

<2.4.41-r0
  • H
HTTP Request Smuggling

<2.4.46-r0
  • H
Out-of-bounds Write

<2.4.41-r0
  • H
Allocation of Resources Without Limits or Throttling

<2.4.41-r0
  • M
Cross-site Scripting (XSS)

<2.4.41-r0
  • H
Use After Free

<2.4.39-r0
  • H
CVE-2019-0215

<2.4.39-r0
  • M
HTTP Request Smuggling

<2.4.39-r0
  • M
Use After Free

<2.4.39-r0
  • M
CVE-2018-11763

<2.4.35-r0
  • H
NULL Pointer Dereference

<2.4.34-r0
  • H
Race Condition

<2.4.39-r0
  • H
Resource Exhaustion

<2.4.34-r0
  • C
Improper Authentication

<2.4.33-r0
  • M
Use of Incorrectly-Resolved Name or Reference

<2.4.39-r0
  • H
Out-of-bounds Read

<2.4.33-r0
  • M
NULL Pointer Dereference

<2.4.33-r0
  • M
Resource Exhaustion

<2.4.38-r0
  • H
CVE-2019-0190

<2.4.38-r0
  • H
Session Fixation

<2.4.38-r0
  • M
Out-of-Bounds

<2.4.33-r0
  • M
CVE-2018-1283

<2.4.33-r0
  • H
Improper Input Validation

<2.4.33-r0
  • C
NULL Pointer Dereference

<2.4.26-r0
  • C
Out-of-Bounds

<2.4.26-r0
  • C
Improper Authentication

<2.4.26-r0
  • H
Out-of-bounds Write

<2.4.33-r0
  • H
Use After Free

<2.4.27-r1
  • H
Improper Input Validation

<2.4.26-r0
  • H
NULL Pointer Dereference

<2.4.26-r0