apache2 vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the apache2 package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
L Resource Exhaustion	<2.4.59-1~deb11u1
L CVE-2023-38709	<2.4.59-1~deb11u1
L CVE-2024-24795	<2.4.59-1~deb11u1
H Resource Exhaustion	<2.4.59-1~deb11u1
H Out-of-bounds Read	<2.4.59-1~deb11u1
M Resource Exhaustion	<2.4.59-1~deb11u1
H HTTP Request Smuggling	<2.4.56-1~deb11u1
C HTTP Request Smuggling	<2.4.56-1~deb11u1
C HTTP Request Smuggling	<2.4.56-1~deb11u1
M HTTP Response Splitting	<2.4.56-1~deb11u1
H Out-of-bounds Write	<2.4.56-1~deb11u1
H Allocation of Resources Without Limits or Throttling	<2.4.54-1~deb11u1
H Allocation of Resources Without Limits or Throttling	<2.4.54-1~deb11u1
C Insufficient Verification of Data Authenticity	<2.4.54-1~deb11u1
H HTTP Request Smuggling	<2.4.54-1~deb11u1
H CVE-2022-30556	<2.4.54-1~deb11u1
C Integer Overflow or Wraparound	<2.4.54-1~deb11u1
M Integer Overflow or Wraparound	<2.4.54-1~deb11u1
C Out-of-bounds Write	<2.4.53-1~deb11u1
H Improper Initialization	<2.4.53-1~deb11u1
C Integer Overflow or Wraparound	<2.4.53-1~deb11u1
C HTTP Request Smuggling	<2.4.53-1~deb11u1
C Out-of-bounds Write	<2.4.52-1~deb11u2
H NULL Pointer Dereference	<2.4.52-1~deb11u2
C Buffer Overflow	<2.4.51-1~deb11u1
H NULL Pointer Dereference	<2.4.51-1~deb11u1
H Out-of-bounds Read	<2.4.51-1~deb11u1
C Server-Side Request Forgery (SSRF)	<2.4.51-1~deb11u1
H CVE-2021-33193	<2.4.48-3.1+deb11u1
C Out-of-bounds Write	<2.4.46-6
H Out-of-bounds Write	<2.4.46-6
H NULL Pointer Dereference	<2.4.46-6
H NULL Pointer Dereference	<2.4.46-6
M CVE-2021-30641	<2.4.46-6
M HTTP Request Smuggling	<2.4.48-2
H NULL Pointer Dereference	<2.4.46-5
H HTTP Request Smuggling	<2.4.46-1
C Buffer Overflow	<2.4.46-1
M Insufficient Verification of Data Authenticity	<2.4.25-1
H HTTP Request Smuggling	<2.4.46-1
L Open Redirect	<2.4.43-1
L Use of Uninitialized Resource	<2.4.43-1
H Out-of-bounds Write	<2.4.41-1
M Open Redirect	<2.4.41-1
C Use After Free	<2.4.41-1
H Out-of-bounds Write	<2.4.41-1
M Cross-site Scripting (XSS)	<2.4.41-1
H Allocation of Resources Without Limits or Throttling	<2.4.41-1
H Use After Free	<2.4.38-3
M HTTP Request Smuggling	<2.4.38-3
M Use After Free	<2.4.38-3
H Race Condition	<2.4.38-3
M Use of Incorrectly-Resolved Name or Reference	<2.4.38-3
H CVE-2019-0215	<2.4.38-3
L Session Fixation	<2.4.38-1
H CVE-2019-0190	<2.4.38-1
L Resource Exhaustion	<2.4.38-1
M CVE-2018-11763	<2.4.35-1
L CRLF Injection	<2.4.25-1
H NULL Pointer Dereference	<2.4.34-1
H Resource Exhaustion	<2.4.34-1
H Out-of-bounds Read	<2.4.33-1
M NULL Pointer Dereference	<2.4.33-1
M Out-of-Bounds	<2.4.33-1
C Improper Authentication	<2.4.33-1
H Improper Input Validation	<2.4.33-1
M CVE-2018-1283	<2.4.33-1
H Out-of-bounds Write	<2.4.33-1
H Use After Free	<2.4.27-6
H Cryptographic Issues	<2.4.25-1
H Improper Data Handling	<2.4.25-1
H Improper Input Validation	<2.4.25-1
H NULL Pointer Dereference	<2.4.25-4
C Information Exposure	<2.4.27-1
C Out-of-Bounds	<2.4.25-4
H Improper Input Validation	<2.4.25-4
C Improper Authentication	<2.4.25-4
C NULL Pointer Dereference	<2.4.25-4
H Improper Input Validation	<2.4.25-1
H Improper Access Control	<2.4.23-2
M Resource Management Errors	<2.4.20-1
H Improper Access Control	<2.4.23-1
M Access Restriction Bypass	<2.4.16-1
M Improper Input Validation	<2.4.16-1
L Improper Input Validation	<2.4.10-10
M Access Restriction Bypass	<2.4.10-9
L Out-of-Bounds	<2.4.10-8
M Resource Management Errors	<2.4.10-3
M Race Condition	<2.4.10-1
M Resource Management Errors	<2.4.10-1
M Resource Management Errors	<2.4.10-1
L CVE-2013-4352	<2.4.7-1
M Improper Input Validation	<2.4.10-1
M Access Restriction Bypass	<2.4.10-2
M Improper Input Validation	<2.4.9-1
M Improper Input Validation	<2.4.9-1
H CVE-2013-2249	<2.4.6-1
L Access Restriction Bypass	<2.4.6-1
L Cryptographic Issues	<2.4.1-1
M Access Restriction Bypass	<2.2.22-13
L Cross-site Scripting (XSS)	<2.2.22-13
L Cross-site Scripting (XSS)	<2.2.22-13
M Resource Management Errors	<2.2.22-1
L Cryptographic Issues	<2.2.22-12
L Cross-site Scripting (XSS)	<2.2.22-8
L CVE-2012-0216	<2.2.22-4
L Improper Input Validation	<2.2.22-1
L Access Restriction Bypass	<2.2.22-1
L Resource Management Errors	<2.2.22-1
M Resource Management Errors	<2.2.15-3
M Improper Input Validation	<2.2.21-3
M Improper Input Validation	<2.2.18-1
L Improper Input Validation	<2.4.1-1
M Numeric Errors	<2.2.21-4
M Improper Input Validation	<2.2.21-2
M Resource Management Errors	<2.2.21-1
H Resource Management Errors	<2.2.19-2
M CVE-2011-1176	<2.2.17-2
M Out-of-Bounds	<2.2.16-3
L Information Exposure	<2.2.9-10
L CVE-2010-1452	<2.2.16-1
M Information Exposure	<2.2.15-1
L CVE-2010-0408	<2.2.15-1
L Numeric Errors	*
L Cross-site Scripting (XSS)	*
M Cryptographic Issues	<2.2.14-2
L CVE-2009-3095	<2.2.13-2
L CVE-2009-3094	<2.2.13-2
M Resource Management Errors	<2.2.11-7
M Numeric Errors	<2.2.11-7
L Configuration	<2.2.11-6
L Improper Input Validation	<2.2.11-4
L Cross-site Scripting (XSS)	<2.2.9-7
M Resource Management Errors	<2.2.8-4
L Resource Management Errors	<2.2.9-1
L Cross-site Scripting (XSS)	<2.2.8-1
L Arbitrary Code Injection	*
L Cross-site Scripting (XSS)	<2.2.22-8
L Cross-site Scripting (XSS)	<2.2.8-1
L Cross-site Request Forgery (CSRF)	<2.2.9-1
L Cross-site Scripting (XSS)	<2.2.8-1
L Cross-site Scripting (XSS)	<2.2.8-1
L Resource Management Errors	<2.2.8-1
L Cross-site Scripting (XSS)	<2.2.8-1
L Cross-site Scripting (XSS)	<2.2.6-3
M Cross-site Scripting (XSS)	<2.2.6-1
L CVE-2007-3847	<2.2.6-1
L CVE-2007-1863	<2.2.4-1
L CVE-2006-5752	<2.2.4-2
L Arbitrary Code Injection	*
L CVE-2007-3304	<2.2.4-2
L CVE-2007-1742	<2.2.8-5
L CVE-2007-1743	*
L Race Condition	<2.2.8-5
L Resource Exhaustion	*
M Numeric Errors	<2.0.55-4.1
L CVE-2006-3918	<2.0.55-4.1
L Resource Management Errors	<2.0.55-4
L CVE-2005-3352	<2.0.55-4
L CVE-2005-2970	<2.0.55-1
M CVE-2005-2700	<2.0.54-5
M CVE-2005-2728	<2.0.54-5
L Off-by-one Error	<2.0.54-5
M CVE-2005-2088	<2.0.54-5
H CVE-2005-1344	<2.0.54-3
M CVE-2004-0942	<2.0.52-2
H CVE-2004-0811	<2.0.52
H CVE-2004-0885	<2.0.52-2
M CVE-2004-0786	<2.0.51
M CVE-2004-0748	<2.0.51
H CVE-2004-0747	<2.0.51
M CVE-2004-0751	<2.0.50-11
M CVE-2004-0809	<2.0.51-1
M CVE-2004-0493	<2.0.50-1
H CVE-2004-0488	<2.0.50-1
M CVE-2004-0113	<2.0.52
M CVE-2004-1834	<2.0.53-1
L CVE-2003-1307	*
C CVE-2003-0789	<2.0.48
H Out-of-Bounds	<2.0.48
M CVE-2003-0253	<2.0.47
M CVE-2003-0254	<2.0.47
M CVE-2003-0192	<2.0.47
M CVE-2003-0245	<2.0.46
M CVE-2003-0189	<2.0.46
M Missing Release of Resource after Effective Lifetime	<2.0.45
M CVE-2003-0134	<2.0.46
M CVE-2003-0083	<2.0.46
M CVE-2003-0020	<2.0.49
H CVE-2002-1850	<2.0.42-1
M CVE-2002-0840	<2.0.43-1
M CVE-2002-1156	<2.0.43
M CVE-2002-1593	<2.0.42
M CVE-2002-0654	<2.0.40
H CVE-2002-0661	<2.0.40
H CVE-2002-0392	<2.0.37
M CVE-2002-1592	<2.0.36
L Session Fixation	*