apache2 (SUSE:Enterprise Storage 5) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Enterprise Storage 5 package apache2, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVE-2020-11993 — CVSS 7.5 (high): Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns…
CVE-2020-9490 — CVSS 7.5 (high): Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a…
CVE-2020-1927 — CVSS 6.1 (medium): In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by…
CVE-2020-11985 — CVSS 5.3 (medium): IP address spoofing when proxying using mod_remoteip and mod_rewrite For configurations using proxying with mod_remoteip and certain…
CVE-2020-1934 — CVSS 5.3 (medium): In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.