Vulnerabilities > Apache
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-06-30 | CVE-2021-32567 | Improper Input Validation vulnerability in multiple products Improper Input Validation vulnerability in HTTP/2 of Apache Traffic Server allows an attacker to DOS the server. | 5.0 |
2021-06-30 | CVE-2021-35474 | Out-of-bounds Write vulnerability in multiple products Stack-based Buffer Overflow vulnerability in cachekey plugin of Apache Traffic Server. | 7.5 |
2021-06-29 | CVE-2021-27577 | HTTP Request Smuggling vulnerability in multiple products Incorrect handling of url fragment vulnerability of Apache Traffic Server allows an attacker to poison the cache. | 5.0 |
2021-06-29 | CVE-2021-32565 | HTTP Request Smuggling vulnerability in multiple products Invalid values in the Content-Length header sent to Apache Traffic Server allows an attacker to smuggle requests. | 5.0 |
2021-06-21 | CVE-2021-26461 | Integer Overflow or Wraparound vulnerability in Apache Nuttx Apache Nuttx Versions prior to 10.1.0 are vulnerable to integer wrap-around in functions malloc, realloc and memalign. | 7.5 |
2021-06-16 | CVE-2021-30468 | Infinite Loop vulnerability in multiple products A vulnerability in the JsonMapObjectReaderWriter of Apache CXF allows an attacker to submit malformed JSON to a web service, which results in the thread getting stuck in an infinite loop, consuming CPU indefinitely. | 7.5 |
2021-06-16 | CVE-2021-33813 | XXE vulnerability in multiple products An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request. | 7.5 |
2021-06-16 | CVE-2020-9493 | Deserialization of Untrusted Data vulnerability in multiple products A deserialization flaw was found in Apache Chainsaw versions prior to 2.1.0 which could lead to malicious code execution. | 9.8 |
2021-06-15 | CVE-2021-31618 | NULL Pointer Dereference vulnerability in multiple products Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. | 7.5 |
2021-06-12 | CVE-2021-31811 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. | 5.5 |