Apache 2.4

Status: Maintained
Support: since 2012-02 (no end date)
Latest release: 2.4.66
Vulnerabilities listed: 150

Legend: KEV = the entry is in the CISA Known Exploited Vulnerabilities catalog (the source shows no CVSS score for those rows). The Affected column is the version range the tracker marks as vulnerable, in its own notation (< x, ≤ x, = x, or two bounds joined by "and").

Severity | Score | Published | Affected | Title
Critical | 9.8 | 2024-07-01 | < 2.4.60 | Apache HTTP Server may use exploitable/malicious backend application output to run local handlers via internal redirect
Critical | 9.8 | 2017-06-20 | < 2.4.26 | httpd: mod_mime buffer overread
Critical | 9.8 | 2017-06-20 | < 2.4.26 | httpd: mod_ssl NULL pointer dereference
Critical | 9.8 | 2017-06-20 | < 2.4.26 | httpd: ap_get_basic_auth_pw() authentication bypass
Critical | 9.8 | 2018-03-26 | < 2.4.30 | httpd: Weak Digest auth nonce generation in mod_auth_digest
Critical | 9.8 | 2020-08-07 | ≥ 2.4.32 and ≤ 2.4.43 | httpd: mod_proxy_uwsgi buffer overflow
Critical | 9.8 | 2021-06-10 | < 2.4.47 | Apache HTTP Server mod_session response handling heap overflow
Critical | 9.8 | 2021-09-16 | < 2.4.49 | ap_escape_quotes buffer overflow
KEV | - | 2021-10-07 | ≥ 2.4.49 and ≤ 2.4.50 | Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)
Critical | 9.8 | 2021-12-20 | < 2.4.52 | Possible buffer overflow when parsing multipart content in mod_lua of Apache HTTP Server 2.4.51 and earlier
Critical | 9.8 | 2022-03-14 | < 2.4.53 | mod_sed: Read/write beyond bounds
Critical | 9.8 | 2022-03-14 | < 2.4.53 | HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier
Critical | 9.8 | 2022-06-08 | < 2.4.54 | mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism
Critical | 9.8 | 2023-03-07 | < 2.4.56 | Apache HTTP Server: HTTP request splitting with mod_rewrite and mod_proxy
Critical | 9.1 | 2025-07-10 | ≥ 2.4.35 and < 2.4.64 | Apache HTTP Server: mod_ssl access control bypass with session resumption
KEV | - | 2024-07-01 | ≤ 2.4.59 | Apache HTTP Server weakness in mod_rewrite when first segment of substitution matches filesystem path
Critical | 9.1 | 2017-07-13 | < 2.4.27 | httpd: Uninitialized memory reflection in mod_auth_digest
Critical | 9.1 | 2019-09-26 | ≥ 2.4.18 and ≤ 2.4.39 | httpd: read-after-free in h2 connection shutdown
Critical | 9.1 | 2022-03-14 | < 2.4.53 | core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody
Critical | 9.1 | 2022-06-08 | < 2.4.54 | Read beyond bounds in ap_strcmp_match()
KEV | - | 2021-09-16 | < 2.4.49 | mod_proxy SSRF
Critical | 9.0 | 2023-01-17 | < 2.4.55 | Apache HTTP Server: mod_proxy_ajp Possible request smuggling
High | 8.8 | 2026-05-04 | < 2.4.67 | Apache HTTP Server: http2: double free and possible RCE on early reset
High | 8.8 | 2026-05-04 | < 2.4.67 | Apache HTTP Server: mod_rewrite elevation of privileges via ap_expr
High | 8.3 | 2025-12-05 | < 2.4.66 | Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...
High | 8.2 | 2021-12-20 | ≥ 2.4.7 and ≤ 2.4.51 | Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier
High | 8.1 | 2024-07-01 | < 2.4.60 | Apache HTTP Server weakness with encoded question marks in backreferences
High | 8.1 | 2024-07-01 | < 2.4.60 | Apache HTTP Server proxy encoding problem
High | 8.1 | 2016-07-19 | ≥ 2.4.1 and ≤ 2.4.23 | httpd: sets environment variable based on user-supplied Proxy request header
High | 8.1 | 2018-03-26 | < 2.4.30 | httpd: <FilesMatch> bypass with a trailing newline in the file name
KEV | - | 2019-04-08 | ≥ 2.4.17 and ≤ 2.4.38 | httpd: privilege escalation from modules' scripts
High | 7.5 | 2026-05-04 | < 2.4.66 | Apache HTTP Server: mod_dav_lock indirect lock crash
High | 7.5 | 2026-05-04 | < 2.4.67 | Apache HTTP Server: mod_proxy_ajp: Heap Over-Read and memory disclosure in ajp_parse_data()
High | 7.5 | 2025-12-05 | < 2.4.66 | Apache HTTP Server: NTLM Leakage on Windows through UNC SSRF
High | 7.5 | 2025-12-05 | ≥ 2.4.30 and < 2.4.66 | Apache HTTP Server: mod_md (ACME), unintended retry intervals
High | 7.5 | 2025-07-10 | ≥ 2.4.17 and < 2.4.64 | Apache HTTP Server: HTTP/2 DoS by Memory Increase
High | 7.5 | 2025-07-10 | ≥ 2.4.26 and < 2.4.64 | Apache HTTP Server: mod_proxy_http2 denial of service
High | 7.5 | 2025-07-10 | < 2.4.64 | Apache HTTP Server: mod_ssl error log variable escaping
High | 7.5 | 2025-07-10 | < 2.4.64 | Apache HTTP Server: SSRF on Windows due to UNC paths
High | 7.5 | 2025-07-10 | < 2.4.64 | Apache HTTP Server: SSRF with mod_headers setting Content-Type header
High | 7.5 | 2025-07-10 | < 2.4.64 | Apache HTTP Server: HTTP response splitting
High | 7.5 | unknown | < 2.4.13.2 (a mod_auth_openidc version, not an httpd version) | mod_auth_openidc: DoS via empty POST in mod_auth_openidc with OIDCPreservePost enabled
High | 7.5 | 2024-07-01 | < 2.4.60 | Apache HTTP Server: Crash resulting in Denial of Service in mod_proxy via a malicious request
High | 7.5 | 2024-07-01 | < 2.4.60 | Apache HTTP Server on Windows UNC SSRF
High | 7.5 | 2024-07-01 | < 2.4.60 | Apache HTTP Server: mod_rewrite proxy handler substitution
High | 7.5 | 2024-07-18 | < 2.4.62 | Apache HTTP Server: SSRF with mod_rewrite in server/vhost context on Windows
High | 7.5 | 2024-04-04 | ≥ 2.4.17 and < 2.4.59 | Apache HTTP Server: HTTP/2 DoS by memory exhaustion on endless continuation frames
High | 7.5 | 2013-07-23 | ≥ 2.4.1 and ≤ 2.4.4 | httpd: mod_session_dbd session fixation flaw
High | 7.5 | 2014-07-20 | ≥ 2.4.1 and ≤ 2.4.9 | httpd: WinNT MPM denial of service
High | 7.5 | 2016-07-06 | ≥ 2.4.18 and ≤ 2.4.20 | httpd: X509 client certificate authentication bypass using HTTP/2
High | 7.5 | 2017-07-27 | ≥ 2.4.1 and ≤ 2.4.23 | httpd: Apache HTTP Request Parsing Whitespace Defects
High | 7.5 | 2016-12-05 | ≥ 2.4.17 and ≤ 2.4.23 | httpd: Incomplete handling of LimitRequestFields directive in mod_http2
High | 7.5 | 2017-07-27 | < 2.4.24 | httpd: DoS vulnerability in mod_auth_digest
High | 7.5 | 2017-07-27 | < 2.4.24 | httpd: Padding Oracle in Apache mod_session_crypto
High | 7.5 | 2017-06-20 | ≥ 2.4.24 and ≤ 2.4.25 | httpd: ap_find_token() buffer overread
High | 7.5 | 2017-07-26 | ≥ 2.4.24 and ≤ 2.4.25 | httpd: mod_http2 NULL pointer dereference
High | 7.5 | 2017-07-13 | = 2.4.26 | httpd: Read after free in mod_http2
High | 7.5 | 2017-09-18 | < 2.4.28 | httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)
High | 7.5 | 2018-03-26 | < 2.4.30 | httpd: Out of bounds read in mod_cache_socache can allow a remote attacker to cause DoS
High | 7.5 | 2018-03-26 | < 2.4.30 | httpd: Out of bounds write in mod_authnz_ldap when using too small Accept-Language values
High | 7.5 | 2018-07-18 | = 2.4.33 | mod_md, DoS via Coredumps on specially crafted requests
High | 7.5 | 2018-06-18 | ≥ 2.4.18 and ≤ 2.4.33 | DoS for HTTP/2 connections by crafted requests
High | 7.5 | 2019-01-30 | = 2.4.37 | httpd: mod_ssl: infinite loop triggered by client-initiated renegotiation when using OpenSSL 1.1.1
High | 7.5 | 2019-01-30 | < 2.4.38 | httpd: mod_session_cookie does not respect expiry time
High | 7.5 | 2019-04-08 | < 2.4.39 | httpd: mod_auth_digest: access control bypass due to race condition
High | 7.5 | 2019-04-08 | ≥ 2.4.37 and ≤ 2.4.38 | httpd: mod_ssl: access control bypass when using per-location client certificate authentication
High | 7.5 | 2019-08-15 | ≥ 2.4.20 and ≤ 2.4.39 | httpd: memory corruption on early pushes
High | 7.5 | 2019-08-13 | ≥ 2.4.20 and ≤ 2.4.39 | Some HTTP/2 implementations are vulnerable to unconstrained internal data buffering, potentially leading to a denial of service
High | 7.5 | 2020-08-07 | ≥ 2.4.20 and ≤ 2.4.43 | httpd: mod_http2 concurrent pool usage
High | 7.5 | 2020-08-07 | ≥ 2.4.20 and ≤ 2.4.45 | httpd: Push diary crash on specifically crafted HTTP/2 header
High | 7.5 | 2021-06-15 | = 2.4.47 | NULL pointer dereference on specially crafted HTTP/2 request
High | 7.5 | 2021-06-10 | < 2.4.47 | mod_session NULL pointer dereference
High | 7.5 | 2021-06-10 | ≥ 2.4.41 and ≤ 2.4.46 | mod_proxy_http NULL pointer dereference
High | 7.5 | 2021-09-16 | ≥ 2.4.30 and ≤ 2.4.48 | mod_proxy_uwsgi out of bound read
High | 7.5 | 2021-09-16 | < 2.4.49 | NULL pointer dereference in httpd core
High | 7.5 | 2021-08-16 | ≥ 2.4.17 and ≤ 2.4.48 | Request splitting via HTTP/2 method injection and mod_proxy
KEV | - | 2021-10-05 | = 2.4.49 | Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49
High | 7.5 | 2021-10-05 | = 2.4.49 | null pointer dereference in h2 fuzzing
High | 7.5 | 2022-03-14 | < 2.4.53 | mod_lua Use of uninitialized value in r:parsebody
High | 7.5 | 2022-06-08 | < 2.4.54 | Information Disclosure in mod_lua with websockets
High | 7.5 | 2022-06-08 | = 2.4.53 | mod_sed denial of service
High | 7.5 | 2022-06-08 | < 2.4.54 | Denial of service in mod_lua r:parsebody
High | 7.5 | 2022-06-08 | < 2.4.54 | mod_proxy_ajp: Possible request smuggling
High | 7.5 | 2023-01-17 | < 2.4.55 | Apache HTTP Server: mod_dav out of bounds read, or write of zero byte
High | 7.5 | 2023-03-07 | ≥ 2.4.30 and ≤ 2.4.55 | Apache HTTP Server: mod_proxy_uwsgi HTTP response splitting
High | 7.5 | 2023-10-23 | ≥ 2.4.55 and ≤ 2.4.57 | Apache HTTP Server: DoS in HTTP/2 with initial window size 0
High | 7.5 | 2023-10-23 | < 2.4.58 | Apache HTTP Server: mod_macro buffer over-read
High | 7.4 | 2025-07-10 | < 2.4.64 | Apache HTTP Server: mod_ssl TLS upgrade attack
High | 7.3 | 2026-05-05 | ≥ 2.4.30 and < 2.4.67 | Apache HTTP Server: mod_md unrestricted OCSP response
High | 7.3 | 2024-04-04 | ≤ 2.4.58 | Apache HTTP Server: HTTP response splitting
High | 7.3 | 2021-06-10 | < 2.4.47 | mod_auth_digest possible stack overflow by one nul byte
High | 7.2 | 2019-09-26 | ≥ 2.4.33 and ≤ 2.4.38 | httpd: null-pointer dereference in mod_remoteip
Medium | 6.9 | 2012-04-18 | = 2.4.1 | httpd: insecure handling of LD_LIBRARY_PATH in envvars
Medium | 6.8 | 2014-07-20 | ≥ 2.4.1 and < 2.4.10 | httpd: mod_status heap-based buffer overflow
Medium | 6.5 | 2026-05-04 | < 2.4.67 | Apache HTTP Server: multiple modules: HTTP response splitting forwarding malicious status line
Medium | 6.5 | 2025-12-05 | < 2.4.66 | Apache HTTP Server: CGI environment variable override
Medium | 6.3 | 2025-07-23 | < 2.4.65 | Apache HTTP Server: 'RewriteCond expr' always evaluates to true in 2.4.64
Medium | 6.3 | 2024-04-04 | < 2.4.59 | Apache HTTP Server: HTTP Response Splitting in multiple modules
Medium | 6.2 | 2024-07-04 | < 2.4.61 | Apache HTTP Server: source code disclosure with handlers configured via AddType
Medium | 6.1 | 2018-08-14 | ≥ 2.4.1 and ≤ 2.4.23 | mod_userdir CRLF injection
Medium | 6.1 | 2019-09-25 | < 2.4.40 | httpd: mod_rewrite potential open redirect
Medium | 6.1 | 2019-09-26 | < 2.4.40 | httpd: limited cross-site scripting in mod_proxy error page
Medium | 6.1 | 2020-04-01 | < 2.4.42 | httpd: mod_rewrite configurations vulnerable to open redirect
Medium | 5.9 | 2016-07-06 | ≥ 2.4.17 and ≤ 2.4.18 | httpd: mod_http2 denial-of-service by thread starvation
Medium | 5.9 | 2018-03-26 | < 2.4.30 | httpd: Use-after-free on HTTP/2 stream shutdown
Medium | 5.9 | 2018-03-26 | < 2.4.30 | httpd: Out of bounds access after failure in reading the HTTP request
Medium | 5.9 | 2018-09-25 | ≥ 2.4.17 and ≤ 2.4.34 | httpd: DoS for HTTP/2 connections by continuous SETTINGS frames
Medium | 5.9 | 2023-10-23 | ≥ 2.4.17 and < 2.4.58 | Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST
Medium | 5.5 | 2021-06-10 | < 2.4.47 | Improper Handling of Insufficient Privileges
Medium | 5.4 | 2025-12-05 | < 2.4.66 | Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo
Medium | 5.4 | 2024-07-01 | ≥ 2.4.55 and ≤ 2.4.59 | Apache HTTP Server: DoS by Null pointer in websocket over HTTP/2
Medium | 5.3 | 2026-05-04 | < 2.4.67 | Apache HTTP Server: mod_authn_socache crash
Medium | 5.3 | 2026-05-04 | < 2.4.67 | Apache HTTP Server: Off-by-one OOB reads in AJP getter functions
Medium | 5.3 | 2026-05-04 | < 2.4.67 | Apache HTTP Server: mod_proxy_ajp: Heap Buffer Over-Read Due to Missing Null-Termination Check (ajp_msg_get_string)
Medium | 5.3 | 2024-07-18 | ≥ 2.4.60 and < 2.4.62 | Apache HTTP Server: source code disclosure with handlers configured via AddType
Medium | 5.3 | 2020-08-07 | ≥ 2.4.1 and ≤ 2.4.23 | httpd: IP address spoofing when proxying using mod_remoteip and mod_rewrite
Medium | 5.3 | 2018-03-26 | < 2.4.30 | httpd: Improper handling of headers in mod_session can allow a remote user to modify session data for CGI applications
Medium | 5.3 | 2019-01-30 | ≥ 2.4.17 and ≤ 2.4.37 | httpd: mod_http2: DoS via slow, unneeded request bodies
Medium | 5.3 | 2019-06-11 | < 2.4.39 | httpd: URL normalization inconsistency
Medium | 5.3 | 2019-06-11 | ≥ 2.4.17 and ≤ 2.4.38 | httpd: mod_http2: read-after-free on a string compare
Medium | 5.3 | 2020-04-01 | < 2.4.42 | httpd: mod_proxy_ftp use of uninitialized value
Medium | 5.3 | 2021-06-10 | ≥ 2.4.39 and ≤ 2.4.46 | Unexpected URL matching with 'MergeSlashes OFF'
Medium | 5.3 | 2021-06-10 | ≥ 2.4.6 and ≤ 2.4.46 | mod_proxy_wstunnel tunneling of non-Upgraded connections
Medium | 5.3 | 2022-06-08 | < 2.4.54 | read beyond bounds via ap_rwrite()
Medium | 5.3 | 2022-06-08 | < 2.4.54 | read beyond bounds in mod_isapi
Medium | 5.3 | 2023-01-17 | < 2.4.55 | Apache HTTP Server: mod_proxy prior to 2.4.55 allows a backend to trigger HTTP response splitting
Medium | 5.0 | 2014-03-18 | ≥ 2.4.1 and < 2.4.9 | httpd: mod_log_config does not properly handle logging certain cookies resulting in DoS
Medium | 5.0 | 2014-03-18 | ≥ 2.4.1 and < 2.4.9 | httpd: mod_dav denial of service via crafted DAV WRITE request
Medium | 5.0 | 2014-07-20 | < 2.4.10 | httpd: mod_cgid denial of service
Medium | 5.0 | 2014-12-15 | = 2.4.10 | httpd: mod_proxy_fcgi handle_headers() buffer over read
Medium | 5.0 | 2014-10-10 | ≥ 2.4.1 and ≤ 2.4.10 | httpd: NULL pointer dereference in mod_cache if Content-Type has empty value
Medium | 5.0 | 2014-04-15 | ≥ 2.4.1 and ≤ 2.4.10 | httpd: bypass of mod_headers rules via chunked requests
Medium | 5.0 | 2015-07-20 | = 2.4.12 | httpd: NULL pointer dereference crash with ErrorDocument 400 pointing to a local URL-path
Medium | 5.0 | 2015-03-08 | < 2.4.13 | httpd: Possible mod_lua crash due to websocket bug
Medium | 4.8 | 2026-05-04 | < 2.4.67 | Apache HTTP Server: mod_auth_digest timing attack
Medium | 4.3 | 2008-01-25 | < 2.4.3 | httpd: mod_negotiation XSS via untrusted file names in directories with MultiViews enabled
Medium | 4.3 | 2018-03-09 | < 2.4.23 | mod_cluster: Protocol parsing logic error
Medium | 4.3 | 2012-08-22 | < 2.4.3 | mod_proxy_http: Information disclosure due to improper management of back end server connection close within error handling
Medium | 4.3 | 2013-02-26 | < 2.4.4 | httpd: XSS flaw in mod_proxy_balancer manager interface
Medium | 4.3 | 2013-02-26 | < 2.4.4 | httpd: multiple XSS flaws due to unescaped hostnames
Medium | 4.3 | 2013-07-10 | ≥ 2.4.1 and < 2.4.6 | httpd: mod_dav DoS (httpd child process crash) via a URI MERGE request with source URI not handled by mod_dav
Medium | 4.3 | 2014-07-20 | = 2.4.6 | httpd: mod_cache NULL pointer dereference crash
Medium | 4.3 | 2014-07-20 | ≥ 2.4.1 and < 2.4.10 | httpd: mod_deflate denial of service
Medium | 4.3 | 2014-07-20 | ≥ 2.4.6 and ≤ 2.4.9 | httpd: mod_proxy denial of service
Medium | 4.3 | 2014-12-29 | ≥ 2.4.1 and ≤ 2.4.10 | httpd: LuaAuthzProvider argument handling issue
Medium | 4.2 | 2019-06-11 | ≥ 2.4.34 and ≤ 2.4.38 | httpd: mod_http2: possible crash on late upgrade
Low | 3.7 | 2015-07-20 | < 2.4.14 | httpd: ap_some_auth_required() does not properly indicate authenticated request in 2.4
Low | 3.7 | 2015-07-20 | < 2.4.16 | httpd: HTTP request smuggling attack against chunked request parser
Low | 2.6 | 2012-08-22 | < 2.4.3 | httpd: mod_negotiation XSS via untrusted file names in directories with MultiViews enabled
N/A | - | 2026-05-05 | < 2.4.67 | Apache HTTP Server: buffer overflow in mod_proxy_ajp via ajp_msg_check_header()
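The listing above is only useful if you can turn "≥ 2.4.49 and ≤ 2.4.50" or "< 2.4.60" into a yes/no answer for the build you actually run. The following is an added example, not code from the tracker or from the Apache project: it parses the tracker's range notation, compares dotted versions numerically (so 2.4.10 is newer than 2.4.9, which a string compare gets wrong), pulls the version out of `httpd -v` output, and reports which rows of a constructed subset of the table apply. The rows in `ROWS` are copied from the table above; the sample `httpd -v` text is constructed. One caveat a practitioner needs: distribution packages (RHEL, Debian and others) backport fixes without bumping the upstream version, and `ServerTokens` may hide or truncate the banner, so a version-only check over-reports on patched distro builds and under-reports on nothing; treat its output as a list of advisories to confirm against the vendor's changelog, not as a verdict.

```python
from __future__ import annotations

import re
from typing import List, Tuple

# Constructed subset of the table above: (severity, affected range, title).
ROWS = [
    ("Critical 9.8", "< 2.4.60",
     "Apache HTTP Server may use exploitable/malicious backend application output "
     "to run local handlers via internal redirect"),
    ("KEV", "≥ 2.4.49 and ≤ 2.4.50",
     "Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 "
     "(incomplete fix of CVE-2021-41773)"),
    ("KEV", "= 2.4.49",
     "Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49"),
    ("Critical 9.1", "≥ 2.4.35 and < 2.4.64",
     "mod_ssl access control bypass with session resumption"),
    ("KEV", "≤ 2.4.59",
     "weakness in mod_rewrite when first segment of substitution matches filesystem path"),
    ("High 7.5", "≥ 2.4.17 and < 2.4.59",
     "HTTP/2 DoS by memory exhaustion on endless continuation frames"),
]

Version = Tuple[int, ...]

# One clause of the tracker's notation after ≥/≤ are normalised to >=/<=.
_CLAUSE = re.compile(r"^(<=|>=|<|>|=)\s*(\d+(?:\.\d+)*)$")
# The banner line printed by `httpd -v` (also seen in Server: headers).
_BANNER = re.compile(r"Apache/(\d+(?:\.\d+)+)")


def parse_version(text: str) -> Version:
    """'2.4.58' -> (2, 4, 58). Rejects anything that is not dotted integers."""
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    return tuple(int(p) for p in parts)


def parse_range(text: str) -> List[Tuple[str, Version]]:
    """'≥ 2.4.32 and ≤ 2.4.43' -> [('>=', (2,4,32)), ('<=', (2,4,43))]."""
    normalised = text.replace("≥", ">=").replace("≤", "<=")
    clauses = []
    for part in normalised.split(" and "):
        match = _CLAUSE.match(part.strip())
        if not match:
            raise ValueError(f"unrecognised range clause: {part!r}")
        clauses.append((match.group(1), parse_version(match.group(2))))
    return clauses


def _aligned(a: Version, b: Version) -> Tuple[Version, Version]:
    """Zero-pad so that 2.4 and 2.4.0 compare equal instead of 2.4 < 2.4.0."""
    width = max(len(a), len(b))
    return a + (0,) * (width - len(a)), b + (0,) * (width - len(b))


def in_range(version: str, affected: str) -> bool:
    """True when `version` satisfies every clause of the tracker's range string."""
    have = parse_version(version)
    for op, bound in parse_range(affected):
        x, y = _aligned(have, bound)
        holds = {"<": x < y, "<=": x <= y, ">": x > y, ">=": x >= y, "=": x == y}[op]
        if not holds:
            return False
    return True


def version_from_httpd_v(output: str) -> str:
    """Extract '2.4.58' from the first line of `httpd -v` output."""
    match = _BANNER.search(output)
    if not match:
        raise ValueError("no Apache/x.y.z banner found in output")
    return match.group(1)


def exposed(version: str, rows=ROWS) -> List[Tuple[str, str]]:
    """Rows of the table whose affected range includes `version`."""
    return [(sev, title) for sev, rng, title in rows if in_range(version, rng)]


if __name__ == "__main__":
    # Constructed sample of `httpd -v` output; on a real host run: httpd -v (or apache2 -v).
    sample = "Server version: Apache/2.4.49 (Unix)\nServer built:   Sep 16 2021 12:00:00\n"
    running = version_from_httpd_v(sample)
    print(f"httpd {running}:")
    for sev, title in exposed(running):
        print(f"  [{sev}] {title}")
    print("Note: distro builds may carry backported fixes at the same version string.")
```

The ≥/≤ normalisation matters because copying rows from the rendered page gives you the Unicode operators, while a hand-typed allowlist will use ASCII; accepting both keeps the same data usable from either source.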