Vulnerabilities > Apache

DATE	CVE	VULNERABILITY TITLE	RISK
2021-06-30	CVE-2021-32567	Improper Input Validation vulnerability in multiple products Improper Input Validation vulnerability in HTTP/2 of Apache Traffic Server allows an attacker to DOS the server. network low complexity apache debian CWE-20	5.0
2021-06-30	CVE-2021-35474	Out-of-bounds Write vulnerability in multiple products Stack-based Buffer Overflow vulnerability in cachekey plugin of Apache Traffic Server. network low complexity apache debian CWE-787	7.5
2021-06-29	CVE-2021-27577	HTTP Request Smuggling vulnerability in multiple products Incorrect handling of url fragment vulnerability of Apache Traffic Server allows an attacker to poison the cache. network low complexity apache debian CWE-444	5.0
2021-06-29	CVE-2021-32565	HTTP Request Smuggling vulnerability in multiple products Invalid values in the Content-Length header sent to Apache Traffic Server allows an attacker to smuggle requests. network low complexity apache debian CWE-444	5.0
2021-06-21	CVE-2021-26461	Integer Overflow or Wraparound vulnerability in Apache Nuttx Apache Nuttx Versions prior to 10.1.0 are vulnerable to integer wrap-around in functions malloc, realloc and memalign. network low complexity apache CWE-190	7.5
2021-06-16	CVE-2021-30468	Infinite Loop vulnerability in multiple products A vulnerability in the JsonMapObjectReaderWriter of Apache CXF allows an attacker to submit malformed JSON to a web service, which results in the thread getting stuck in an infinite loop, consuming CPU indefinitely. network low complexity apache oracle CWE-835	7.5
2021-06-16	CVE-2021-33813	XXE vulnerability in multiple products An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request. network low complexity jdom apache debian fedoraproject oracle CWE-611	7.5
2021-06-16	CVE-2020-9493	Deserialization of Untrusted Data vulnerability in multiple products A deserialization flaw was found in Apache Chainsaw versions prior to 2.1.0 which could lead to malicious code execution. network low complexity apache qos CWE-502 critical	9.8
2021-06-15	CVE-2021-31618	NULL Pointer Dereference vulnerability in multiple products Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. network low complexity apache fedoraproject debian oracle CWE-476	7.5
2021-06-12	CVE-2021-31811	Allocation of Resources Without Limits or Throttling vulnerability in multiple products In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. local low complexity apache fedoraproject oracle CWE-770	5.5

Vulnerabilities > Apache {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Apache"}]}

Vulnerabilities > Apache