| Max CVSS | 5.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2015-3183 | 5.0 |
The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large c
|
14-12-2023 - 14:06 | 20-07-2015 - 23:59 | |
| CVE-2012-0876 | 4.3 |
The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file wit
|
05-08-2022 - 14:52 | 03-07-2012 - 19:55 | |
| CVE-2013-5704 | 5.0 |
The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a s
|
14-04-2022 - 16:47 | 15-04-2014 - 10:55 | |
| CVE-2012-1148 | 5.0 |
Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation
|
25-01-2021 - 15:44 | 03-07-2012 - 19:55 |