| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2020-9490 | 5.0 |
Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via
|
07-10-2022 - 12:58 | 07-08-2020 - 16:15 | |
| CVE-2020-1927 | 5.8 |
In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.
|
25-07-2022 - 18:15 | 02-04-2020 - 00:15 | |
| CVE-2020-1934 | 5.0 |
In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.
|
26-04-2022 - 17:05 | 01-04-2020 - 20:15 | |
| CVE-2020-11984 | 7.5 |
Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE
|
06-06-2021 - 11:15 | 07-08-2020 - 16:15 | |
| CVE-2020-11993 | 4.3 |
Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLev
|
06-06-2021 - 11:15 | 07-08-2020 - 16:15 |