Homepage

apache2 vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the apache2 package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • M
Open Redirect

*
  • M
Use of Uninitialized Resource

*
  • M
Open Redirect

<2.4.10-10+deb8u15
  • M
Cross-site Scripting (XSS)

<2.4.10-10+deb8u15
  • H
Race Condition

<2.4.10-10+deb8u14
  • M
Use of Incorrectly-Resolved Name or Reference

<2.4.10-10+deb8u14
  • H
Session Fixation

<2.4.10-10+deb8u13
  • M
CRLF Injection

<2.4.10-10+deb8u8
  • C
Improper Authentication

<2.4.10-10+deb8u12
  • H
Out-of-bounds Read

<2.4.10-10+deb8u12
  • M
CVE-2018-1283

<2.4.10-10+deb8u12
  • H
Out-of-bounds Write

<2.4.10-10+deb8u12
  • M
Out-of-Bounds

<2.4.10-10+deb8u12
  • H
Improper Input Validation

<2.4.10-10+deb8u12
  • H
Use After Free

<2.4.10-10+deb8u11
  • H
Improper Input Validation

<2.4.10-10+deb8u8
  • H
Improper Data Handling

<2.4.10-10+deb8u8
  • H
Cryptographic Issues

<2.4.10-10+deb8u8
  • C
Information Exposure

<2.4.10-10+deb8u10
  • C
NULL Pointer Dereference

<2.4.10-10+deb8u9
  • C
Improper Authentication

<2.4.10-10+deb8u9
  • H
Improper Input Validation

<2.4.10-10+deb8u9
  • C
Out-of-Bounds

<2.4.10-10+deb8u9
  • H
Improper Access Control

<2.4.10-10+deb8u5
  • M
Access Restriction Bypass

<2.4.10-10+deb8u1
  • M
Improper Input Validation

<2.4.10-10+deb8u1
  • M
Improper Input Validation

<2.4.10-10
  • M
Access Restriction Bypass

<2.4.10-9
  • M
Out-of-Bounds

<2.4.10-8
  • M
Resource Management Errors

<2.4.10-3
  • M
Improper Input Validation

<2.4.10-1
  • M
Race Condition

<2.4.10-1
  • M
Resource Management Errors

<2.4.10-1
  • M
CVE-2013-4352

<2.4.7-1
  • M
Resource Management Errors

<2.4.10-1
  • M
Access Restriction Bypass

<2.4.10-2
  • M
Improper Input Validation

<2.4.9-1
  • M
Improper Input Validation

<2.4.9-1
  • H
CVE-2013-2249

<2.4.6-1
  • M
Access Restriction Bypass

<2.4.6-1
  • M
Cryptographic Issues

<2.4.1-1
  • M
Access Restriction Bypass

<2.2.22-13
  • M
Cross-site Scripting (XSS)

<2.2.22-13
  • M
Cross-site Scripting (XSS)

<2.2.22-13
  • M
Resource Management Errors

<2.2.22-1
  • L
Cryptographic Issues

<2.2.22-12
  • L
Cross-site Scripting (XSS)

<2.2.22-8
  • M
CVE-2012-0216

<2.2.22-4
  • L
Improper Input Validation

<2.2.22-1
  • M
Access Restriction Bypass

<2.2.22-1
  • M
Resource Management Errors

<2.2.22-1
  • M
Resource Management Errors

<2.2.15-3
  • M
Improper Input Validation

<2.2.18-1
  • M
Improper Input Validation

<2.2.21-3
  • M
Numeric Errors

<2.2.21-4
  • L
Improper Input Validation

<2.4.1-1
  • M
Improper Input Validation

<2.2.21-2
  • M
Resource Management Errors

<2.2.21-1
  • H
Resource Management Errors

<2.2.19-2
  • M
CVE-2011-1176

<2.2.17-2
  • M
Out-of-Bounds

<2.2.16-3
  • M
Information Exposure

<2.2.9-10
  • M
CVE-2010-1452

<2.2.16-1
  • M
Information Exposure

<2.2.15-1
  • M
CVE-2010-0408

<2.2.15-1
  • L
Cross-site Scripting (XSS)

*
  • M
Numeric Errors

*
  • M
Cryptographic Issues

<2.2.14-2
  • M
CVE-2009-3095

<2.2.13-2
  • L
CVE-2009-3094

<2.2.13-2
  • M
Resource Management Errors

<2.2.11-7
  • M
Numeric Errors

<2.2.11-7
  • M
Configuration

<2.2.11-6
  • M
Improper Input Validation

<2.2.11-4
  • M
Cross-site Scripting (XSS)

<2.2.9-7
  • M
Resource Management Errors

<2.2.8-4
  • M
Resource Management Errors

<2.2.9-1
  • M
Cross-site Scripting (XSS)

<2.2.8-1
  • L
Arbitrary Code Injection

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

<2.2.8-1
  • M
Cross-site Request Forgery (CSRF)

<2.2.9-1
  • L
Cross-site Scripting (XSS)

<2.2.8-1
  • M
Cross-site Scripting (XSS)

<2.2.8-1
  • M
Resource Management Errors

<2.2.8-1
  • M
Cross-site Scripting (XSS)

<2.2.8-1
  • M
Cross-site Scripting (XSS)

<2.2.6-3
  • M
Cross-site Scripting (XSS)

<2.2.6-1
  • M
CVE-2007-3847

<2.2.6-1
  • M
CVE-2006-5752

<2.2.4-2
  • M
CVE-2007-1863

<2.2.4-1
  • M
Arbitrary Code Injection

*
  • M
CVE-2007-3304

<2.2.4-2
  • M
CVE-2007-1743

*
  • M
CVE-2007-1742

<2.2.8-5
  • H
Race Condition

<2.2.8-5
  • H
Resource Exhaustion

*
  • H
Numeric Errors

<2.0.55-4.1
  • M
CVE-2006-3918

<2.0.55-4.1
  • M
Resource Management Errors

<2.0.55-4
  • M
CVE-2005-3352

<2.0.55-4
  • M
CVE-2005-2970

<2.0.55-1
  • C
CVE-2005-2700

<2.0.54-5
  • M
CVE-2005-2728

<2.0.54-5
  • M
Off-by-one Error

<2.0.54-5
  • M
CVE-2005-2088

<2.0.54-5
  • H
CVE-2005-1344

<2.0.54-3
  • M
CVE-2004-0942

<2.0.52-2
  • H
CVE-2004-0811

<2.0.52
  • H
CVE-2004-0885

<2.0.52-2
  • M
CVE-2004-0751

<2.0.50-11
  • H
CVE-2004-0747

<2.0.51
  • M
CVE-2004-0748

<2.0.51
  • M
CVE-2004-0786

<2.0.51
  • M
CVE-2004-0809

<2.0.51-1
  • M
CVE-2004-0493

<2.0.50-1
  • H
CVE-2004-0488

<2.0.50-1
  • M
CVE-2004-0113

<2.0.52
  • M
CVE-2004-1834

<2.0.53-1
  • M
CVE-2003-1307

*
  • H
Out-of-Bounds

<2.0.48
  • C
CVE-2003-0789

<2.0.48
  • M
CVE-2003-0192

<2.0.47
  • M
CVE-2003-0253

<2.0.47
  • M
CVE-2003-0254

<2.0.47
  • M
CVE-2003-0189

<2.0.46
  • M
CVE-2003-0245

<2.0.46
  • M
CVE-2003-0134

<2.0.46
  • M
Missing Release of Resource after Effective Lifetime

<2.0.45
  • M
CVE-2003-0083

<2.0.46
  • M
CVE-2003-0020

<2.0.49
  • H
CVE-2002-1850

<2.0.42-1
  • M
CVE-2002-0840

<2.0.43-1
  • M
CVE-2002-1156

<2.0.43
  • M
CVE-2002-1593

<2.0.42
  • M
CVE-2002-0654

<2.0.40
  • H
CVE-2002-0661

<2.0.40
  • H
CVE-2002-0392

<2.0.37
  • M
CVE-2002-1592

<2.0.36
  • M
Session Fixation

*