Bugs fixes in "apache2"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2026-23918 | Double Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2 protocol. This issue affects Apache HTTP Server: 2.4.66. Users are | 2026-05-06 |
| CVE | CVE-2026-34059 | Buffer Over-read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to ve | 2026-05-06 |
| CVE | CVE-2026-34032 | Improper Null Termination, Out-of-bounds Read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are | 2026-05-06 |
| CVE | CVE-2026-33857 | Out-of-bounds Read vulnerability in mod_proxy_ajp of Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recomme | 2026-05-06 |
| CVE | CVE-2026-33523 | HTTP response splitting vulnerability in multiple Apache HTTP Server modules with untrusted or compromised backend servers. This issue affects Apach | 2026-05-06 |
| CVE | CVE-2026-33007 | A NULL pointer dereference in the mod_authn_socache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child p | 2026-05-06 |
| CVE | CVE-2026-33006 | A timing attack against mod_auth_digest in Apache HTTP Server 2.4.66 allows a bypass of Digest authentication by a remote attacker. Users are recomm | 2026-05-06 |
| CVE | CVE-2026-29169 | A NULL pointer dereference in mod_dav_lock in Apache HTTP Server 2.4.66 and earlier may allow an attacker to crash the server with a malicious reques | 2026-05-06 |
| CVE | CVE-2026-29168 | Allocation of Resources Without Limits or Throttling vulnerability in Apache HTTP Server's mod_md via OCSP response data. This issue affects Apache | 2026-05-06 |
| CVE | CVE-2026-28780 | Heap-based Buffer Overflow vulnerability in mod_proxy_ajp of Apache HTTP Server. If mod_proxy_ajp connects to a malicious AJP server this AJP server | 2026-05-06 |
| CVE | CVE-2026-24072 | An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges | 2026-05-06 |
| CVE | CVE-2026-23918 | Double Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2 protocol. This issue affects Apache HTTP Server: 2.4.66. Users are | 2026-05-06 |
| CVE | CVE-2026-34059 | Buffer Over-read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to ve | 2026-05-06 |
| CVE | CVE-2026-34032 | Improper Null Termination, Out-of-bounds Read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are | 2026-05-06 |
| CVE | CVE-2026-33857 | Out-of-bounds Read vulnerability in mod_proxy_ajp of Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recomme | 2026-05-06 |
| CVE | CVE-2026-33523 | HTTP response splitting vulnerability in multiple Apache HTTP Server modules with untrusted or compromised backend servers. This issue affects Apach | 2026-05-06 |
| CVE | CVE-2026-33007 | A NULL pointer dereference in the mod_authn_socache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child p | 2026-05-06 |
| CVE | CVE-2026-33006 | A timing attack against mod_auth_digest in Apache HTTP Server 2.4.66 allows a bypass of Digest authentication by a remote attacker. Users are recomm | 2026-05-06 |
| CVE | CVE-2026-29169 | A NULL pointer dereference in mod_dav_lock in Apache HTTP Server 2.4.66 and earlier may allow an attacker to crash the server with a malicious reques | 2026-05-06 |
| CVE | CVE-2026-29168 | Allocation of Resources Without Limits or Throttling vulnerability in Apache HTTP Server's mod_md via OCSP response data. This issue affects Apache | 2026-05-06 |
About
-
Send Feedback to @ubuntu_updates
