Homepage

apache2 vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the apache2 package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • M
Open Redirect

*
  • M
Use of Uninitialized Resource

*
  • M
Open Redirect

<2.4.10-10+deb8u15
  • M
Cross-site Scripting (XSS)

<2.4.10-10+deb8u15
  • H
Race Condition

<2.4.10-10+deb8u14
  • M
Use of Incorrectly-Resolved Name or Reference

<2.4.10-10+deb8u14
  • H
Session Fixation

<2.4.10-10+deb8u13
  • M
CRLF Injection

<2.4.10-10+deb8u8
  • H
Out-of-bounds Write

<2.4.10-10+deb8u12
  • M
Out-of-Bounds

<2.4.10-10+deb8u12
  • M
CVE-2018-1283

<2.4.10-10+deb8u12
  • H
Improper Input Validation

<2.4.10-10+deb8u12
  • H
Out-of-bounds Read

<2.4.10-10+deb8u12
  • C
Improper Authentication

<2.4.10-10+deb8u12
  • H
Use After Free

<2.4.10-10+deb8u11
  • H
Improper Input Validation

<2.4.10-10+deb8u8
  • H
Cryptographic Issues

<2.4.10-10+deb8u8
  • H
Improper Data Handling

<2.4.10-10+deb8u8
  • C
Information Exposure

<2.4.10-10+deb8u10
  • H
Improper Input Validation

<2.4.10-10+deb8u9
  • C
Out-of-Bounds

<2.4.10-10+deb8u9
  • C
NULL Pointer Dereference

<2.4.10-10+deb8u9
  • C
Improper Authentication

<2.4.10-10+deb8u9
  • H
Improper Access Control

<2.4.10-10+deb8u5
  • M
Improper Input Validation

<2.4.10-10+deb8u1
  • M
Access Restriction Bypass

<2.4.10-10+deb8u1
  • M
Improper Input Validation

<2.4.10-10
  • M
Access Restriction Bypass

<2.4.10-9
  • M
Out-of-Bounds

<2.4.10-8
  • M
Resource Management Errors

<2.4.10-3
  • M
Race Condition

<2.4.10-1
  • M
Resource Management Errors

<2.4.10-1
  • M
Improper Input Validation

<2.4.10-1
  • M
CVE-2013-4352

<2.4.7-1
  • M
Resource Management Errors

<2.4.10-1
  • M
Access Restriction Bypass

<2.4.10-2
  • M
Improper Input Validation

<2.4.9-1
  • M
Improper Input Validation

<2.4.9-1
  • H
CVE-2013-2249

<2.4.6-1
  • M
Access Restriction Bypass

<2.4.6-1
  • M
Cryptographic Issues

<2.4.1-1
  • M
Access Restriction Bypass

<2.2.22-13
  • M
Cross-site Scripting (XSS)

<2.2.22-13
  • M
Cross-site Scripting (XSS)

<2.2.22-13
  • M
Resource Management Errors

<2.2.22-1
  • L
Cryptographic Issues

<2.2.22-12
  • L
Cross-site Scripting (XSS)

<2.2.22-8
  • M
CVE-2012-0216

<2.2.22-4
  • L
Improper Input Validation

<2.2.22-1
  • M
Access Restriction Bypass

<2.2.22-1
  • M
Resource Management Errors

<2.2.22-1
  • M
Resource Management Errors

<2.2.15-3
  • M
Improper Input Validation

<2.2.18-1
  • M
Improper Input Validation

<2.2.21-3
  • L
Improper Input Validation

<2.4.1-1
  • M
Numeric Errors

<2.2.21-4
  • M
Improper Input Validation

<2.2.21-2
  • M
Resource Management Errors

<2.2.21-1
  • H
Resource Management Errors

<2.2.19-2
  • M
CVE-2011-1176

<2.2.17-2
  • M
Out-of-Bounds

<2.2.16-3
  • M
Information Exposure

<2.2.9-10
  • M
CVE-2010-1452

<2.2.16-1
  • M
Information Exposure

<2.2.15-1
  • M
CVE-2010-0408

<2.2.15-1
  • L
Cross-site Scripting (XSS)

*
  • M
Numeric Errors

*
  • M
Cryptographic Issues

<2.2.14-2
  • M
CVE-2009-3095

<2.2.13-2
  • L
CVE-2009-3094

<2.2.13-2
  • M
Resource Management Errors

<2.2.11-7
  • M
Numeric Errors

<2.2.11-7
  • M
Configuration

<2.2.11-6
  • M
Improper Input Validation

<2.2.11-4
  • M
Cross-site Scripting (XSS)

<2.2.9-7
  • M
Resource Management Errors

<2.2.8-4
  • M
Resource Management Errors

<2.2.9-1
  • M
Cross-site Scripting (XSS)

<2.2.8-1
  • M
Cross-site Scripting (XSS)

*
  • L
Arbitrary Code Injection

*
  • M
Cross-site Request Forgery (CSRF)

<2.2.9-1
  • M
Cross-site Scripting (XSS)

<2.2.8-1
  • L
Cross-site Scripting (XSS)

<2.2.8-1
  • M
Resource Management Errors

<2.2.8-1
  • M
Cross-site Scripting (XSS)

<2.2.8-1
  • M
Cross-site Scripting (XSS)

<2.2.8-1
  • M
Cross-site Scripting (XSS)

<2.2.6-3
  • M
Cross-site Scripting (XSS)

<2.2.6-1
  • M
CVE-2007-3847

<2.2.6-1
  • M
CVE-2007-1863

<2.2.4-1
  • M
CVE-2006-5752

<2.2.4-2
  • M
Arbitrary Code Injection

*
  • M
CVE-2007-3304

<2.2.4-2
  • M
CVE-2007-1743

*
  • M
CVE-2007-1742

<2.2.8-5
  • H
Race Condition

<2.2.8-5
  • H
Resource Exhaustion

*
  • H
Numeric Errors

<2.0.55-4.1
  • M
CVE-2006-3918

<2.0.55-4.1
  • M
Resource Management Errors

<2.0.55-4
  • M
CVE-2005-3352

<2.0.55-4
  • M
CVE-2005-2970

<2.0.55-1
  • C
CVE-2005-2700

<2.0.54-5
  • M
CVE-2005-2728

<2.0.54-5
  • M
Off-by-one Error

<2.0.54-5
  • M
CVE-2005-2088

<2.0.54-5
  • H
CVE-2005-1344

<2.0.54-3
  • M
CVE-2004-0942

<2.0.52-2
  • H
CVE-2004-0811

<2.0.52
  • H
CVE-2004-0885

<2.0.52-2
  • M
CVE-2004-0786

<2.0.51
  • M
CVE-2004-0751

<2.0.50-11
  • M
CVE-2004-0748

<2.0.51
  • H
CVE-2004-0747

<2.0.51
  • M
CVE-2004-0809

<2.0.51-1
  • M
CVE-2004-0493

<2.0.50-1
  • H
CVE-2004-0488

<2.0.50-1
  • M
CVE-2004-0113

<2.0.52
  • M
CVE-2004-1834

<2.0.53-1
  • M
CVE-2003-1307

*
  • H
Out-of-Bounds

<2.0.48
  • C
CVE-2003-0789

<2.0.48
  • M
CVE-2003-0253

<2.0.47
  • M
CVE-2003-0254

<2.0.47
  • M
CVE-2003-0192

<2.0.47
  • M
CVE-2003-0245

<2.0.46
  • M
CVE-2003-0189

<2.0.46
  • M
CVE-2003-0134

<2.0.46
  • M
Missing Release of Resource after Effective Lifetime

<2.0.45
  • M
CVE-2003-0083

<2.0.46
  • M
CVE-2003-0020

<2.0.49
  • H
CVE-2002-1850

<2.0.42-1
  • M
CVE-2002-1156

<2.0.43
  • M
CVE-2002-0840

<2.0.43-1
  • M
CVE-2002-1593

<2.0.42
  • M
CVE-2002-0654

<2.0.40
  • H
CVE-2002-0661

<2.0.40
  • H
CVE-2002-0392

<2.0.37
  • M
CVE-2002-1592

<2.0.36
  • M
Session Fixation

*