apache2 (SUSE:Manager Proxy 4.2) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Manager Proxy 4.2 package apache2, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (6)
CVE-2023-25690 — CVSS 9.8 (critical): Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack. Configurations are…
CVE-2022-36760 — CVSS 9.0 (critical): Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an…
CVE-2006-20001 — CVSS 7.5 (high): A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the…
CVE-2023-27522 — CVSS 7.5 (high): HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through…
CVE-2023-31122 — CVSS 7.5 (high): Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57.
CVE-2022-37436 — CVSS 5.3 (medium): Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers…