Resource Exhaustion Affecting apache2 package, versions <2.4.48-r0
Threat Intelligence
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-ALPINE318-APACHE2-5511441
- published 12 Jun 2021
- disclosed 7 Apr 2020
Introduced: 7 Apr 2020
CVE-2019-17657 Open this link in a new tabHow to fix?
Upgrade Alpine:3.18
apache2
to version 2.4.48-r0 or higher.
NVD Description
Note: Versions mentioned in the description apply only to the upstream apache2
package and not the apache2
package as distributed by Alpine
.
See How to fix?
for Alpine:3.18
relevant fixed versions and status.
An Uncontrolled Resource Consumption vulnerability in Fortinet FortiSwitch below 3.6.11, 6.0.6 and 6.2.2, FortiAnalyzer below 6.2.3, FortiManager below 6.2.3 and FortiAP-S/W2 below 6.2.2 may allow an attacker to cause admin webUI denial of service (DoS) via handling special crafted HTTP requests/responses in pieces slowly, as demonstrated by Slow HTTP DoS Attacks.