VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Apache
>
Http Server
> 2.4.14
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2016-07-19
CVE-2016-5387
The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue.
network
high complexity
apache
hp
oracle
fedoraproject
redhat
debian
canonical
opensuse
8.1
8.1
«
Previous
1
2
3
4
5
6
(current)
»