mod_proxy_html vulnerabilities

Known vulnerabilities in the mod_proxy_html package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
H CVE-2024-38476	<1:2.4.37-65.module+el8.10.0+1830+22f0c9e0
M CVE-2023-38709	<1:2.4.37-65.module+el8.10.0+1830+22f0c9e0
M Improper Resource Shutdown or Release	<1:2.4.37-64.module+el8.10.0+1717+030a9fed
M Out-of-bounds Read	<1:2.4.37-64.module+el8.10.0+1717+030a9fed
H Allocation of Resources Without Limits or Throttling	<1:2.4.37-62.module+el8.9.0+1436+2b7d5021
M HTTP Request Smuggling	<1:2.4.37-56.module+el8.8.0+1284+07ef499e.6
H HTTP Request Smuggling	<1:2.4.37-51.module+el8.7.0+1059+126e9251
M HTTP Response Splitting	<1:2.4.37-51.module+el8.7.0+1059+126e9251
M HTTP Request Smuggling	<1:2.4.37-51.module+el8.7.0+1059+126e9251
M Out-of-bounds Write	<1:2.4.37-51.module+el8.7.0+1059+126e9251
H Out-of-bounds Write	<1:2.4.37-43.module+el8.5.0+714+5ec56ee8
M Out-of-bounds Write	<1:2.4.37-43.module+el8.5.0+714+5ec56ee8
M NULL Pointer Dereference	<1:2.4.37-43.module+el8.5.0+714+5ec56ee8
M HTTP Request Smuggling	<1:2.4.37-39.module+el8.4.0+571+fd70afb1
M Buffer Overflow	<1:2.4.37-39.module+el8.4.0+571+fd70afb1
M Session Fixation	<1:2.4.37-39.module+el8.4.0+571+fd70afb1
H HTTP Request Smuggling	<1:2.4.37-43.module+el8.5.0+714+5ec56ee8
M CVE-2021-30641	<1:2.4.37-41.module+el8.5.0+695+1fa8055e
M NULL Pointer Dereference	<1:2.4.37-41.module+el8.5.0+695+1fa8055e
H Out-of-bounds Write	<1:2.4.37-43.module+el8.5.0+714+5ec56ee8
H Server-Side Request Forgery (SSRF)	<1:2.4.37-39.module+el8.4.0+571+fd70afb1
H Out-of-bounds Write	<1:2.4.37-39.module+el8.4.0+571+fd70afb1
M NULL Pointer Dereference	<1:2.4.37-47.module+el8.6.0+823+f143cee1.1
M Out-of-bounds Read	<1:2.4.37-47.module+el8.6.0+823+f143cee1.1
M CVE-2021-33193	<1:2.4.37-47.module+el8.6.0+823+f143cee1.1
M Out-of-bounds Write	<1:2.4.37-47.module+el8.6.0+823+f143cee1.1
L NULL Pointer Dereference	<1:2.4.37-47.module+el8.6.0+823+f143cee1.1
M Insufficient Verification of Data Authenticity	<1:2.4.37-51.module+el8.7.0+1059+126e9251
M CVE-2022-30556	<1:2.4.37-51.module+el8.7.0+1059+126e9251
M Allocation of Resources Without Limits or Throttling	<1:2.4.37-51.module+el8.7.0+1059+126e9251
M Allocation of Resources Without Limits or Throttling	<1:2.4.37-51.module+el8.7.0+1059+126e9251
M Integer Overflow or Wraparound	<1:2.4.37-51.module+el8.7.0+1059+126e9251
M Integer Overflow or Wraparound	<1:2.4.37-51.module+el8.7.0+1059+126e9251
M HTTP Request Smuggling	<1:2.4.37-51.module+el8.7.0+1059+126e9251
M Out-of-bounds Write	<1:2.4.37-51.module+el8.7.0+1059+126e9251
M Integer Overflow or Wraparound	<1:2.4.37-51.module+el8.7.0+1059+126e9251
M Improper Initialization	<1:2.4.37-51.module+el8.7.0+1059+126e9251

Vulnerability

Vulnerable Version

CVE-2024-38476

<1:2.4.37-65.module+el8.10.0+1830+22f0c9e0

CVE-2023-38709

<1:2.4.37-65.module+el8.10.0+1830+22f0c9e0

Improper Resource Shutdown or Release

<1:2.4.37-64.module+el8.10.0+1717+030a9fed

Out-of-bounds Read

<1:2.4.37-64.module+el8.10.0+1717+030a9fed

Allocation of Resources Without Limits or Throttling

<1:2.4.37-62.module+el8.9.0+1436+2b7d5021