httpd | Snyk

Direct Vulnerabilities

Known vulnerabilities in the httpd package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
M Out-of-bounds Read	*
M Out-of-bounds Read	*
M Buffer Overflow	*
M Buffer Overflow	*
H Out-of-bounds Read	*
H Out-of-bounds Read	*
H Buffer Overflow	*
H Buffer Overflow	*
H Buffer Overflow	*
H Buffer Overflow	*
M Directory Traversal	*
M Directory Traversal	*
M Incorrect Privilege Assignment	*
M Incorrect Privilege Assignment	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
M Buffer Underflow	*
M Buffer Underflow	*
H Improper Handling of Highly Compressed Data (Data Amplification)	<0:2.4.68-1.hum1
M Buffer Over-read	<0:2.4.63-13.el10_2.1
M NULL Pointer Dereference	<0:2.4.63-13.el10_2.1
H Out-of-bounds Write	<0:2.4.63-13.el10_2.1
M Out-of-bounds Read	<0:2.4.63-13.el10_2.1
M Improper Null Termination	<0:2.4.63-13.el10_2.1
C Integer Overflow or Wraparound	*
L Out-of-bounds Read	*
M Resource Exhaustion	*
L Improper Input Validation	*
L Improper Input Validation	*
L Improper Input Validation	*
L Improper Input Validation	*
L Uncontrolled Recursion	*
L Uncontrolled Recursion	*
L Integer Overflow or Wraparound	*
M Out-of-bounds Read	*
M Out-of-bounds Read	*
H Integer Overflow or Wraparound	*
L Buffer Overflow	*
L Improper Input Validation	*
L Improper Input Validation	*
M Cross-site Scripting (XSS)	*
M Out-of-bounds Read	*
H Resource Exhaustion	*
H Out-of-bounds Read	*
M CVE-2017-10140	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Improper Input Validation	*
M Improper Input Validation	*
M Out-of-bounds Read	*
M Out-of-bounds Read	*
H Resource Exhaustion	*
M Cross-site Scripting (XSS)	*
L Cross-site Scripting (XSS)	*
L Cross-site Scripting (XSS)	*
M CRLF Injection	<0:2.4.67-1.hum1
M CRLF Injection	*
L NULL Pointer Dereference	<0:2.4.67-1.hum1
L NULL Pointer Dereference	*
M Information Exposure	<0:2.4.67-1.hum1
M Information Exposure	*
M Buffer Over-read	<0:2.4.67-0.1.hum1
M NULL Pointer Dereference	<0:2.4.67-0.1.hum1
M Out-of-bounds Read	<0:2.4.67-0.1.hum1
M Improper Null Termination	<0:2.4.67-0.1.hum1
M External Control of File Name or Path	<0:2.4.67-0.1.hum1
M External Control of File Name or Path	*
H Out-of-bounds Write	*
H CVE-2026-23918	<0:2.4.67-0.1.hum1
M Improper Neutralization	<0:2.4.66-6.hum1
H Server-Side Request Forgery (SSRF)	<0:2.4.66-6.hum1
M Authentication Bypass by Primary Weakness	<0:2.4.66-6.hum1
H Information Exposure	<0:2.4.66-6.hum1
H Resource Exhaustion	*
H Information Exposure	<0:2.4.63-1.el10_0.3
M Authentication Bypass by Primary Weakness	<0:2.4.63-4.el10_1.3
H Information Exposure	<0:2.4.63-4.el10_1.3
M Improper Neutralization	<0:2.4.63-4.el10_1.3
M Authentication Bypass by Primary Weakness	*
M Improper Neutralization	*
M Improper Output Neutralization for Logs	<0:2.4.63-1.el10_0.2
M Improper Access Control	<0:2.4.63-1.el10_0.2
M Improper Authentication	<0:2.4.63-1.el10_0.2
M CRLF Injection	*
M Server-Side Request Forgery (SSRF)	*
H Improper Input Validation	*
M Resource Exhaustion	*
M HTTP Request Smuggling	*
M HTTP Request Smuggling	*
M HTTP Request Smuggling	*
M HTTP Request Smuggling	*
L Use After Free	*
L HTTP Request Smuggling	*
L Out-of-bounds Read	*
H Out-of-bounds Write	*
H HTTP Request Smuggling	*
L Improper Input Validation	*
L Improper Input Validation	*
L Improper Input Validation	*
M Out-of-bounds Read	*
M Out-of-bounds Read	*
M Out-of-bounds Read	*
M Out-of-bounds Write	*
H Out-of-bounds Write	*
M Server-Side Request Forgery (SSRF)	*
M Out-of-bounds Write	*
M NULL Pointer Dereference	*
M NULL Pointer Dereference	*
M Resource Exhaustion	*
M Resource Exhaustion	*
M Improper Access Control	*
L Path Equivalence	*
L Authentication Bypass by Primary Weakness	*
M Improper Input Validation	*
M Use After Free	*
H Missing Initialization of a Variable	*
M Out-of-bounds Read	*
M Out-of-bounds Read	*
M Out-of-bounds Read	*
L Out-of-bounds Write	*
L Out-of-bounds Write	*
M NULL Pointer Dereference	*
M NULL Pointer Dereference	*
M NULL Pointer Dereference	*
M Improper Authentication	*
M Improper Authentication	*
M Improper Authentication	*
M Improper Input Validation	*
M HTTP Response Splitting	*
M HTTP Response Splitting	*
M HTTP Response Splitting	*
M Improper Authentication	*
L Link Following	*
M CVE-2007-1863	<0:2.0.59-1.el4s1.7
M Out-of-bounds Read	<0:2.0.59-1.el4s1.8
M Cross-site Scripting (XSS)	<0:2.0.59-1.el4s1.7
M CVE-2007-3304	<0:2.0.59-1.el4s1.7
M Cross-site Scripting (XSS)	<0:2.0.59-1.el4s1.10
L Cross-site Scripting (XSS)	*
L Cross-site Scripting (XSS)	<0:2.0.59-1.el4s1.10
L Cross-site Scripting (XSS)	<0:2.0.59-1.el4s1.10
L Cross-site Scripting (XSS)	*
L Integer Overflow or Wraparound	*
L Integer Overflow or Wraparound	*
L CVE-2013-1862	*
M CVE-2013-1896	*
M Out-of-Bounds	*
M Out-of-Bounds	*
M Out-of-Bounds	*
L Out-of-bounds Read	*
L Out-of-bounds Read	*
M Encoding Error	*
M Encoding Error	*
M Encoding Error	*
M Resource Management Errors	*
M Resource Exhaustion	*
H Out-of-bounds Write	*
M NULL Pointer Dereference	*
L Improper Authentication	*
L Improper Authentication	*
L Improper Authentication	*
L Improper Authentication	*
L CVE-2012-0883	*
M CVE-2012-0053	*
M CVE-2012-0053	*
L Cross-site Scripting (XSS)	<0:2.0.59-1.el4s1.8
M Allocation of Resources Without Limits or Throttling	*
M Access Restriction Bypass	<0:2.0.63-2.el4s1.2
H Execution with Unnecessary Privileges	*
M Resource Exhaustion	*
M Use After Free	*
M Use After Free	*
H Resource Exhaustion	*
H Resource Exhaustion	*
H Resource Exhaustion	*
H Resource Exhaustion	<0:2.2.3-22.el5_3.3
H Resource Exhaustion	<0:2.0.46-78.ent
M Improper Input Validation	*
M Improper Input Validation	*
L Open Redirect	*
L Cross-site Scripting (XSS)	*
M Use of Uninitialized Resource	*
H Resource Exhaustion	*
M Insufficient Verification of Data Authenticity	*
L HTTP Response Splitting	*
L HTTP Response Splitting	*

Vulnerability

Vulnerable Version

Out-of-bounds Read