httpd-devel vulnerabilities

Known vulnerabilities in the httpd-devel package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
H Exposure of Resource to Wrong Sphere	<0:2.4.62-1.amzn2.0.1
H Improper Input Validation	<0:2.4.61-1.amzn2.0.1
H NULL Pointer Dereference	<0:2.4.61-1.amzn2.0.1
H Improper Encoding or Escaping of Output	<0:2.4.61-1.amzn2.0.1
H Information Exposure	<0:2.4.61-1.amzn2.0.1
H Improper Encoding or Escaping of Output	<0:2.4.61-1.amzn2.0.1
H Inclusion of Functionality from Untrusted Control Sphere	<0:2.4.61-1.amzn2.0.1
H Improper Encoding or Escaping of Output	<0:2.4.61-1.amzn2.0.1
M HTTP Response Splitting	<0:2.4.59-1.amzn2
M Improper Input Validation	<0:2.4.59-1.amzn2
H Resource Exhaustion	<0:2.4.58-1.amzn2
H Resource Exhaustion	<0:2.4.58-1.amzn2
H Out-of-bounds Read	<0:2.4.58-1.amzn2
H HTTP Response Splitting	<0:2.4.56-1.amzn2
H HTTP Response Splitting	<0:2.4.56-1.amzn2
H HTTP Response Splitting	<0:2.4.55-1.amzn2
H HTTP Request Smuggling	<0:2.4.55-1.amzn2
H Out-of-bounds Read	<0:2.4.55-1.amzn2
M Allocation of Resources Without Limits or Throttling	<0:2.4.54-1.amzn2
M Insufficient Verification of Data Authenticity	<0:2.4.54-1.amzn2
M Integer Overflow or Wraparound	<0:2.4.54-1.amzn2
M Allocation of Resources Without Limits or Throttling	<0:2.4.54-1.amzn2
M Information Exposure	<0:2.4.54-1.amzn2
M Out-of-bounds Read	<0:2.4.54-1.amzn2
M Integer Overflow or Wraparound	<0:2.4.54-1.amzn2
M HTTP Request Smuggling	<0:2.4.54-1.amzn2
H Integer Overflow or Wraparound	<0:2.4.53-1.amzn2
H Integer Overflow or Wraparound	<0:2.4.53-1.amzn2
H HTTP Request Smuggling	<0:2.4.53-1.amzn2
H Improper Initialization	<0:2.4.53-1.amzn2
H NULL Pointer Dereference	<0:2.4.52-1.amzn2
H Resource Exhaustion	<0:2.4.52-1.amzn2
H Directory Traversal	<0:2.4.51-1.amzn2
H Directory Traversal	<0:2.4.51-1.amzn2
H NULL Pointer Dereference	<0:2.4.51-1.amzn2
H Server-Side Request Forgery (SSRF)	<0:2.4.51-1.amzn2
H Buffer Overflow	<0:2.4.51-1.amzn2
H CVE-2021-33193	<0:2.4.51-1.amzn2
H NULL Pointer Dereference	<0:2.4.51-1.amzn2
H Out-of-bounds Read	<0:2.4.51-1.amzn2
M CVE-2021-30641	<0:2.4.48-2.amzn2
M Out-of-bounds Write	<0:2.4.48-2.amzn2
M NULL Pointer Dereference	<0:2.4.48-2.amzn2
M NULL Pointer Dereference	<0:2.4.48-2.amzn2
M HTTP Request Smuggling	<0:2.4.48-2.amzn2
M Missing Authorization	<0:2.4.48-2.amzn2
M Out-of-bounds Write	<0:2.4.48-2.amzn2
H NULL Pointer Dereference	<0:2.4.46-2.amzn2
H HTTP Request Smuggling	<0:2.4.46-1.amzn2
H HTTP Request Smuggling	<0:2.4.46-1.amzn2
H Buffer Overflow	<0:2.4.46-1.amzn2
L Use of Uninitialized Resource	<0:2.4.43-1.amzn2
L Open Redirect	<0:2.4.43-1.amzn2
M Open Redirect	<0:2.4.41-1.amzn2.0.1
M Cross-site Scripting (XSS)	<0:2.4.41-1.amzn2.0.1
M Out-of-bounds Write	<0:2.4.41-1.amzn2.0.1
H Race Condition	<0:2.4.39-1.amzn2.0.1
H Use of Incorrectly-Resolved Name or Reference	<0:2.4.39-1.amzn2.0.1
H CVE-2019-0215	<0:2.4.39-1.amzn2.0.1
H HTTP Request Smuggling	<0:2.4.39-1.amzn2.0.1
H Use After Free	<0:2.4.39-1.amzn2.0.1
H Use After Free	<0:2.4.39-1.amzn2.0.1
M CVE-2018-11763	<0:2.4.37-1.amzn2.0.1
M NULL Pointer Dereference	<0:2.4.34-1.amzn2.1.0

Vulnerability

Vulnerable Version

Exposure of Resource to Wrong Sphere

<0:2.4.62-1.amzn2.0.1

Improper Input Validation

<0:2.4.61-1.amzn2.0.1

NULL Pointer Dereference

<0:2.4.61-1.amzn2.0.1

Improper Encoding or Escaping of Output

<0:2.4.61-1.amzn2.0.1

Information Exposure

<0:2.4.61-1.amzn2.0.1