apache2 vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the apache2 package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
H Allocation of Resources Without Limits or Throttling	<2.4.59-1~deb10u1
L CVE-2023-38709	<2.4.59-1~deb10u1
L CVE-2024-24795	<2.4.59-1~deb10u1
H Out-of-bounds Read	<2.4.59-1~deb10u1
M Improper Resource Shutdown or Release	<2.4.59-1~deb10u1
H HTTP Request Smuggling	<2.4.38-3+deb10u10
C HTTP Request Smuggling	<2.4.38-3+deb10u10
C HTTP Request Smuggling	<2.4.38-3+deb10u9
M HTTP Response Splitting	<2.4.38-3+deb10u9
H Out-of-bounds Write	<2.4.38-3+deb10u9
H Allocation of Resources Without Limits or Throttling	<2.4.38-3+deb10u8
H Allocation of Resources Without Limits or Throttling	<2.4.38-3+deb10u8
C Insufficient Verification of Data Authenticity	<2.4.38-3+deb10u8
H HTTP Request Smuggling	<2.4.38-3+deb10u8
H CVE-2022-30556	<2.4.38-3+deb10u8
C Integer Overflow or Wraparound	<2.4.38-3+deb10u8
M Integer Overflow or Wraparound	<2.4.38-3+deb10u8
C Out-of-bounds Write	<2.4.38-3+deb10u8
H Improper Initialization	<2.4.38-3+deb10u8
C Integer Overflow or Wraparound	<2.4.38-3+deb10u8
C HTTP Request Smuggling	<2.4.38-3+deb10u8
C Out-of-bounds Write	<2.4.38-3+deb10u7
H NULL Pointer Dereference	<2.4.38-3+deb10u7
C Buffer Overflow	<2.4.38-3+deb10u6
H NULL Pointer Dereference	<2.4.38-3+deb10u6
H Out-of-bounds Read	<2.4.38-3+deb10u6
C Server-Side Request Forgery (SSRF)	<2.4.38-3+deb10u6
H CVE-2021-33193	<2.4.38-3+deb10u9
C Out-of-bounds Write	<2.4.38-3+deb10u5
H Out-of-bounds Write	<2.4.38-3+deb10u5
H NULL Pointer Dereference	<2.4.38-3+deb10u5
M CVE-2021-30641	<2.4.38-3+deb10u5
M HTTP Request Smuggling	<2.4.59-1~deb10u1
H NULL Pointer Dereference	<2.4.38-3+deb10u5
H HTTP Request Smuggling	<2.4.38-3+deb10u4
C Buffer Overflow	<2.4.38-3+deb10u4
M Insufficient Verification of Data Authenticity	<2.4.25-1
H HTTP Request Smuggling	<2.4.38-3+deb10u4
M Open Redirect	<2.4.38-3+deb10u9
M Use of Uninitialized Resource	<2.4.38-3+deb10u4
H Out-of-bounds Write	<2.4.38-3+deb10u1
M Open Redirect	<2.4.38-3+deb10u1
C Use After Free	<2.4.38-3+deb10u1
H Out-of-bounds Write	<2.4.38-3+deb10u1
M Cross-site Scripting (XSS)	<2.4.38-3+deb10u3
H Allocation of Resources Without Limits or Throttling	<2.4.38-3+deb10u1
H Use After Free	<2.4.38-3
M HTTP Request Smuggling	<2.4.38-3
M Use After Free	<2.4.38-3
H Race Condition	<2.4.38-3
M Use of Incorrectly-Resolved Name or Reference	<2.4.38-3
H CVE-2019-0215	<2.4.38-3+deb10u9
L Session Fixation	<2.4.38-1
H CVE-2019-0190	<2.4.38-1
L Resource Exhaustion	<2.4.38-1
M CVE-2018-11763	<2.4.35-1
L CRLF Injection	<2.4.25-1
H NULL Pointer Dereference	<2.4.34-1
H Resource Exhaustion	<2.4.34-1
H Out-of-bounds Read	<2.4.33-1
M CVE-2018-1283	<2.4.33-1
H Improper Input Validation	<2.4.33-1
M NULL Pointer Dereference	<2.4.33-1
H Out-of-bounds Write	<2.4.33-1
M Out-of-Bounds	<2.4.33-1
C Improper Authentication	<2.4.33-1
H Use After Free	<2.4.27-6
H Improper Data Handling	<2.4.25-1
H Improper Input Validation	<2.4.25-1
H Cryptographic Issues	<2.4.25-1
H NULL Pointer Dereference	<2.4.25-4
C Information Exposure	<2.4.27-1
C Improper Authentication	<2.4.25-4
C Out-of-Bounds	<2.4.25-4
H Improper Input Validation	<2.4.25-4
C NULL Pointer Dereference	<2.4.25-4
H Improper Input Validation	<2.4.25-1
H Improper Access Control	<2.4.23-2
H Improper Access Control	<2.4.23-1
M Resource Management Errors	<2.4.20-1
M Access Restriction Bypass	<2.4.16-1
M Improper Input Validation	<2.4.16-1
L Improper Input Validation	<2.4.10-10
M Access Restriction Bypass	<2.4.10-9
L Out-of-Bounds	<2.4.10-8
M Resource Management Errors	<2.4.10-3
M Resource Management Errors	<2.4.10-1
L CVE-2013-4352	<2.4.7-1
M Resource Management Errors	<2.4.10-1
M Race Condition	<2.4.10-1
M Improper Input Validation	<2.4.10-1
M Access Restriction Bypass	<2.4.10-2
M Improper Input Validation	<2.4.9-1
M Improper Input Validation	<2.4.9-1
H CVE-2013-2249	<2.4.6-1
L Access Restriction Bypass	<2.4.6-1
L Cryptographic Issues	<2.4.1-1
M Access Restriction Bypass	<2.2.22-13
L Cross-site Scripting (XSS)	<2.2.22-13
L Cross-site Scripting (XSS)	<2.2.22-13
M Resource Management Errors	<2.2.22-1
L Cryptographic Issues	<2.2.22-12
L Cross-site Scripting (XSS)	<2.2.22-8
L CVE-2012-0216	<2.2.22-4
L Improper Input Validation	<2.2.22-1
L Access Restriction Bypass	<2.2.22-1
L Resource Management Errors	<2.2.22-1
M Resource Management Errors	<2.2.15-3
M Improper Input Validation	<2.2.21-3
M Improper Input Validation	<2.2.18-1
L Improper Input Validation	<2.4.1-1
M Numeric Errors	<2.2.21-4
M Improper Input Validation	<2.2.21-2
M Resource Management Errors	<2.2.21-1
H Resource Management Errors	<2.2.19-2
M CVE-2011-1176	<2.2.17-2
M Out-of-Bounds	<2.2.16-3
L Information Exposure	<2.2.9-10
L CVE-2010-1452	<2.2.16-1
M Information Exposure	<2.2.15-1
L CVE-2010-0408	<2.2.15-1
L Numeric Errors	*
L Cross-site Scripting (XSS)	*
M Cryptographic Issues	<2.2.14-2
L CVE-2009-3094	<2.2.13-2
L CVE-2009-3095	<2.2.13-2
M Resource Management Errors	<2.2.11-7
M Numeric Errors	<2.2.11-7
L Configuration	<2.2.11-6
L Improper Input Validation	<2.2.11-4
L Cross-site Scripting (XSS)	<2.2.9-7
M Resource Management Errors	<2.2.8-4
L Resource Management Errors	<2.2.9-1
L Cross-site Scripting (XSS)	<2.2.8-1
L Cross-site Scripting (XSS)	<2.2.22-8
L Arbitrary Code Injection	*
L Cross-site Request Forgery (CSRF)	<2.2.9-1
L Cross-site Scripting (XSS)	<2.2.8-1
L Cross-site Scripting (XSS)	<2.2.8-1
L Resource Management Errors	<2.2.8-1
L Cross-site Scripting (XSS)	<2.2.8-1
L Cross-site Scripting (XSS)	<2.2.8-1
L Cross-site Scripting (XSS)	<2.2.6-3
M Cross-site Scripting (XSS)	<2.2.6-1
L CVE-2007-3847	<2.2.6-1
L CVE-2006-5752	<2.2.4-2
L CVE-2007-1863	<2.2.4-1
L CVE-2007-3304	<2.2.4-2
L Arbitrary Code Injection	*
L CVE-2007-1743	*
L CVE-2007-1742	<2.2.8-5
L Race Condition	<2.2.8-5
L Resource Exhaustion	*
M Numeric Errors	<2.0.55-4.1
L CVE-2006-3918	<2.0.55-4.1
L Resource Management Errors	<2.0.55-4
L CVE-2005-3352	<2.0.55-4
L CVE-2005-2970	<2.0.55-1
M CVE-2005-2700	<2.0.54-5
M CVE-2005-2728	<2.0.54-5
L Off-by-one Error	<2.0.54-5
M CVE-2005-2088	<2.0.54-5
H CVE-2005-1344	<2.0.54-3
M CVE-2004-0942	<2.0.52-2
H CVE-2004-0811	<2.0.52
H CVE-2004-0885	<2.0.52-2
M CVE-2004-0748	<2.0.51
M CVE-2004-0751	<2.0.50-11
H CVE-2004-0747	<2.0.51
M CVE-2004-0786	<2.0.51
M CVE-2004-0809	<2.0.51-1
M CVE-2004-0493	<2.0.50-1
H CVE-2004-0488	<2.0.50-1
M CVE-2004-0113	<2.0.52
M CVE-2004-1834	<2.0.53-1
L CVE-2003-1307	*
H Out-of-Bounds	<2.0.48
C CVE-2003-0789	<2.0.48
M CVE-2003-0253	<2.0.47
M CVE-2003-0254	<2.0.47
M CVE-2003-0192	<2.0.47
M CVE-2003-0245	<2.0.46
M CVE-2003-0189	<2.0.46
M Missing Release of Resource after Effective Lifetime	<2.0.45
M CVE-2003-0134	<2.0.46
M CVE-2003-0083	<2.0.46
M CVE-2003-0020	<2.0.49
H CVE-2002-1850	<2.0.42-1
M CVE-2002-1156	<2.0.43
M CVE-2002-0840	<2.0.43-1
M CVE-2002-1593	<2.0.42
M CVE-2002-0654	<2.0.40
H CVE-2002-0661	<2.0.40
H CVE-2002-0392	<2.0.37
M CVE-2002-1592	<2.0.36
L Session Fixation	*