httpd-devel vulnerabilities

Known vulnerabilities in the httpd-devel package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
H CVE-2024-38476	<0:2.4.37-65.0.1.module+el8.10.0+90383+734f7ffb.2
H NULL Pointer Dereference	<0:2.4.37-65.0.1.module+el8.10.0+90368+a557a4bf.1
H Improper Encoding or Escaping of Output	<0:2.4.37-65.0.1.module+el8.10.0+90368+a557a4bf.1
H Improper Input Validation	<0:2.4.37-65.0.1.module+el8.10.0+90368+a557a4bf.1
H Improper Encoding or Escaping of Output	<0:2.4.37-65.0.1.module+el8.10.0+90368+a557a4bf.1
H Improper Encoding or Escaping of Output	<0:2.4.37-65.0.1.module+el8.10.0+90368+a557a4bf.1
M CVE-2023-38709	<0:2.4.37-65.0.1.module+el8.10.0+90356+f7b9d583
M Out-of-bounds Read	<0:2.4.37-64.module+el8.10.0+90271+3bc76a16
M Improper Resource Shutdown or Release	<0:2.4.37-64.module+el8.10.0+90271+3bc76a16
H Allocation of Resources Without Limits or Throttling	<0:2.4.37-62.0.1.module+el8.9.0+90011+2f9c6a23
M HTTP Request Smuggling	<0:2.4.37-56.0.1.module+el8.8.0+21159+b5186791.7
H HTTP Request Smuggling	<0:2.4.37-51.0.1.module+el8.7.0+21029+de29ba63.5
M HTTP Request Smuggling	<0:2.4.37-51.0.1.module+el8.7.0+20923+af3b70dd.1
M Out-of-bounds Write	<0:2.4.37-51.0.1.module+el8.7.0+20923+af3b70dd.1
M HTTP Response Splitting	<0:2.4.37-51.0.1.module+el8.7.0+20923+af3b70dd.1
M Integer Overflow or Wraparound	<0:2.4.37-51.0.1.module+el8.7.0+20778+02173b8e
M Improper Initialization	<0:2.4.37-51.0.1.module+el8.7.0+20778+02173b8e
M CVE-2022-30556	<0:2.4.37-51.0.1.module+el8.7.0+20778+02173b8e
M Out-of-bounds Write	<0:2.4.37-51.0.1.module+el8.7.0+20778+02173b8e
M HTTP Request Smuggling	<0:2.4.37-51.0.1.module+el8.7.0+20778+02173b8e
M Integer Overflow or Wraparound	<0:2.4.37-51.0.1.module+el8.7.0+20778+02173b8e
M Allocation of Resources Without Limits or Throttling	<0:2.4.37-51.0.1.module+el8.7.0+20778+02173b8e
M Allocation of Resources Without Limits or Throttling	<0:2.4.37-51.0.1.module+el8.7.0+20778+02173b8e
M Integer Overflow or Wraparound	<0:2.4.37-51.0.1.module+el8.7.0+20778+02173b8e
H Insufficient Verification of Data Authenticity	<0:2.4.37-47.0.2.module+el8.6.0+20724+119b489d.2
L NULL Pointer Dereference	<0:2.4.37-47.0.1.module+el8.6.0+20683+407db9f5.2
M NULL Pointer Dereference	<0:2.4.37-47.0.1.module+el8.6.0+20649+083145da.1
M Out-of-bounds Write	<0:2.4.37-47.0.1.module+el8.6.0+20649+083145da.1
M Out-of-bounds Read	<0:2.4.37-47.0.1.module+el8.6.0+20649+083145da.1
M CVE-2021-33193	<0:2.4.37-47.0.1.module+el8.6.0+20649+083145da.1
H HTTP Request Smuggling	<0:2.4.37-43.0.2.module+el8.5.0+20524+6e75a975.3
H Out-of-bounds Write	<0:2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1
H Out-of-bounds Write	<0:2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f
H NULL Pointer Dereference	<0:2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f
H Out-of-bounds Write	<0:2.4.37-43.0.1.module+el8.5.0+20426+404a9eb9
M CVE-2021-30641	<0:2.4.37-41.0.1.module+el8.5.0+20323+c8e0c271
H NULL Pointer Dereference	<0:2.4.37-39.0.2.module+el8.4.0+20402+038b8ccd.1
H Server-Side Request Forgery (SSRF)	<0:2.4.37-39.0.1.module+el8.4.0+20372+b87b2deb.1
H Out-of-bounds Write	<0:2.4.37-39.0.1.module+el8.4.0+20372+b87b2deb.1
M HTTP Request Smuggling	<0:2.4.37-39.0.1.module+el8.4.0+20024+b87b2deb
M Buffer Overflow	<0:2.4.37-39.0.1.module+el8.4.0+20024+b87b2deb
M Use After Free	<0:2.4.37-30.0.1.module+el8.3.0+7816+49791cfd
M Cross-site Scripting (XSS)	<0:2.4.37-30.0.1.module+el8.3.0+7816+49791cfd
M NULL Pointer Dereference	<0:2.4.37-30.0.1.module+el8.3.0+7816+49791cfd
M Use After Free	<0:2.4.37-30.0.1.module+el8.3.0+7816+49791cfd
M Out-of-bounds Write	<0:2.4.37-30.0.1.module+el8.3.0+7816+49791cfd
M Resource Exhaustion	<0:2.4.37-30.0.1.module+el8.3.0+7816+49791cfd
M HTTP Request Smuggling	<0:2.4.37-30.0.1.module+el8.3.0+7816+49791cfd
M Open Redirect	<0:2.4.37-30.0.1.module+el8.3.0+7816+49791cfd
M Open Redirect	<0:2.4.37-30.0.1.module+el8.3.0+7816+49791cfd
M Use of Uninitialized Resource	<0:2.4.37-30.0.1.module+el8.3.0+7816+49791cfd
H HTTP Request Smuggling	<0:2.4.37-21.0.1.module+el8.2.0+5576+c083ffcb
M Session Fixation	<0:2.4.37-39.0.1.module+el8.4.0+20024+b87b2deb
H Allocation of Resources Without Limits or Throttling	<0:2.4.37-12.0.1.module+el8.0.0+5348+de75177e
M Race Condition	<0:2.4.37-16.0.1.module+el8.1.0+5385+dcd9ff33
M Use of Incorrectly-Resolved Name or Reference	<0:2.4.37-16.0.1.module+el8.1.0+5385+dcd9ff33
H Use After Free	<0:2.4.37-11.0.1.module+el8.0.0+5209+a98d70d6
H CVE-2019-0215	<0:2.4.37-11.0.1.module+el8.0.0+5209+a98d70d6

Vulnerability

Vulnerable Version

CVE-2024-38476

<0:2.4.37-65.0.1.module+el8.10.0+90383+734f7ffb.2

NULL Pointer Dereference

<0:2.4.37-65.0.1.module+el8.10.0+90368+a557a4bf.1

Improper Encoding or Escaping of Output

<0:2.4.37-65.0.1.module+el8.10.0+90368+a557a4bf.1

Improper Input Validation

<0:2.4.37-65.0.1.module+el8.10.0+90368+a557a4bf.1

Improper Encoding or Escaping of Output

<0:2.4.37-65.0.1.module+el8.10.0+90368+a557a4bf.1

Improper Encoding or Escaping of Output

<0:2.4.37-65.0.1.module+el8.10.0+90368+a557a4bf.1

CVE-2023-38709

<0:2.4.37-65.0.1.module+el8.10.0+90356+f7b9d583

Out-of-bounds Read

<0:2.4.37-64.module+el8.10.0+90271+3bc76a16

Improper Resource Shutdown or Release

<0:2.4.37-64.module+el8.10.0+90271+3bc76a16

Allocation of Resources Without Limits or Throttling

<0:2.4.37-62.0.1.module+el8.9.0+90011+2f9c6a23

HTTP Request Smuggling

<0:2.4.37-56.0.1.module+el8.8.0+21159+b5186791.7

HTTP Request Smuggling

<0:2.4.37-51.0.1.module+el8.7.0+21029+de29ba63.5

HTTP Request Smuggling

<0:2.4.37-51.0.1.module+el8.7.0+20923+af3b70dd.1

Out-of-bounds Write

<0:2.4.37-51.0.1.module+el8.7.0+20923+af3b70dd.1

HTTP Response Splitting

<0:2.4.37-51.0.1.module+el8.7.0+20923+af3b70dd.1

Integer Overflow or Wraparound

<0:2.4.37-51.0.1.module+el8.7.0+20778+02173b8e

Improper Initialization

<0:2.4.37-51.0.1.module+el8.7.0+20778+02173b8e

CVE-2022-30556

<0:2.4.37-51.0.1.module+el8.7.0+20778+02173b8e

Out-of-bounds Write

<0:2.4.37-51.0.1.module+el8.7.0+20778+02173b8e

HTTP Request Smuggling

<0:2.4.37-51.0.1.module+el8.7.0+20778+02173b8e

Integer Overflow or Wraparound

<0:2.4.37-51.0.1.module+el8.7.0+20778+02173b8e

Allocation of Resources Without Limits or Throttling

<0:2.4.37-51.0.1.module+el8.7.0+20778+02173b8e

Allocation of Resources Without Limits or Throttling

<0:2.4.37-51.0.1.module+el8.7.0+20778+02173b8e

Integer Overflow or Wraparound

<0:2.4.37-51.0.1.module+el8.7.0+20778+02173b8e

Insufficient Verification of Data Authenticity

<0:2.4.37-47.0.2.module+el8.6.0+20724+119b489d.2

NULL Pointer Dereference

<0:2.4.37-47.0.1.module+el8.6.0+20683+407db9f5.2

NULL Pointer Dereference

<0:2.4.37-47.0.1.module+el8.6.0+20649+083145da.1

Out-of-bounds Write

<0:2.4.37-47.0.1.module+el8.6.0+20649+083145da.1

Out-of-bounds Read

<0:2.4.37-47.0.1.module+el8.6.0+20649+083145da.1

CVE-2021-33193

<0:2.4.37-47.0.1.module+el8.6.0+20649+083145da.1

HTTP Request Smuggling

<0:2.4.37-43.0.2.module+el8.5.0+20524+6e75a975.3

Out-of-bounds Write

<0:2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1

Out-of-bounds Write

<0:2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f

NULL Pointer Dereference

<0:2.4.37-43.0.2.module+el8.5.0+20470+f38d0c8f

Out-of-bounds Write

<0:2.4.37-43.0.1.module+el8.5.0+20426+404a9eb9

CVE-2021-30641

<0:2.4.37-41.0.1.module+el8.5.0+20323+c8e0c271

NULL Pointer Dereference

<0:2.4.37-39.0.2.module+el8.4.0+20402+038b8ccd.1

Server-Side Request Forgery (SSRF)

<0:2.4.37-39.0.1.module+el8.4.0+20372+b87b2deb.1

Out-of-bounds Write

<0:2.4.37-39.0.1.module+el8.4.0+20372+b87b2deb.1

HTTP Request Smuggling

<0:2.4.37-39.0.1.module+el8.4.0+20024+b87b2deb

Buffer Overflow

<0:2.4.37-39.0.1.module+el8.4.0+20024+b87b2deb

Use After Free