Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Apache HTTP Server Number Of NVD 298 CRITICAL 25 HIGH 101 MEDIUM 159 LOW 13
URL https://httpd.apache.org/
Explanation It is the most widely used web server software in the world, and is used for everything from large commercial sites to home servers. It is also referred to simply as Apache.

The above text is excerpted from "https://ja.wikipedia.org/wiki/Apache_HTTP_Server".

It has become one of the open source combinations called LAMP (Linux, Apache, MySQL [MariaDB], PHP).
Tag
  • オープンソース
  • Apache License v2.0
Add Information URL
No Type Name URL
1 https://httpd.apache.org/download.cgi
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
211 New!! Apache HTTP Server 2.4 2.4.68 June 8, 2026 Feb. 21, 2012 22 39 36 1
212 Apache HTTP Server 2.0 2.0.65 July 10, 2013 April 6, 2002 July 10, 2013 9 29 73 5
213 Apache HTTP Server 2.3 2.3.9 8 10 9 0
214 Apache HTTP Server 2.2 2.2.9 12 21 69 7
215 Apache HTTP Server 2.1 2.1.9 9 10 13 0
216 Apache HTTP Server 2.0 2.0.9 9 22 54 4
217 Apache HTTP Server 12.2 12.2.1.3.0 0 0 0 0
218 Apache HTTP Server 12.1 12.1.3.0.0 0 0 0 0
219 Apache HTTP Server 11.1 11.1.1.9.0 0 0 0 0
220 Apache HTTP Server 1.99 1.99 9 12 12 0
221 Apache HTTP Server 1.4 1.4.0 9 12 12 0
222 Apache HTTP Server 1.3 1.3.9 10 28 43 3
223 Apache HTTP Server 1.2 1.2.9 9 17 19 0
224 Apache HTTP Server 1.15 1.15.17 9 13 12 0
225 Apache HTTP Server 1.1 1.1.1 9 19 20 0
226 Apache HTTP Server 1.0 1.0.5 9 18 20 0
227 Apache HTTP Server 0.8 0.8.14 9 17 19 0
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
211 -
7.5 		HIGH Unknown vulnerability in Apache 2.0.51 prevents "the merging of the Satisfy directive," which could allow attackers to obtain access to restricted resources contrary to the specified authentication c… NVD-CWE-Other
CVE-2004-0811 cpe:2.3:a:apache:http_server:2.0.51:* 2023-11-7 10:56
2004-12-31 		Show GitHub Exploit DB Packet Storm
212 -
7.2 		HIGH Apache HTTP Server 2.0.47 and earlier allows local users to bypass .htaccess file restrictions, as specified in httpd.conf with directives such as Deny From All, by using an ErrorDocument directive. … NVD-CWE-Other
CVE-2004-2343 cpe:2.3:a:apache:http_server:*:* 2.0.47 2024-08-8 11:15
2004-12-31 		Show GitHub Exploit DB Packet Storm
213 -
5.0 		MEDIUM PHP 4.3.4 and earlier in Apache 1.x and 2.x (mod_php) can leak global variables between virtual hosts that are handled by the same Apache child process but have different settings, which could allow … NVD-CWE-Other
CVE-2004-0263 cpe:2.3:a:apache:http_server:2.0:*
cpe:2.3:a:apache:http_server:2.0.9:*
cpe:2.3:a:apache:http_server:2.0.48:*
 2017-10-10 10:30
2004-11-23 		Show GitHub Exploit DB Packet Storm
214 -
7.5 		HIGH The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any ciph… NVD-CWE-Other
CVE-2004-0885 cpe:2.3:a:apache:http_server:2.0.52:*
cpe:2.3:a:apache:http_server:2.0.51:*
cpe:2.3:a:apache:http_server:2.0.50:*… 		2023-11-7 10:56
2004-11-3 		Show GitHub Exploit DB Packet Storm
215 -
5.0 		MEDIUM mod_ssl in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (CPU consumption) by aborting an SSL connection in a way that causes an Apache child process to enter an infi… CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2004-0748 cpe:2.3:a:apache:http_server:*:* 2.0.35 2.0.51 2023-11-7 10:56
2004-10-20 		Show GitHub Exploit DB Packet Storm
216 -
5.0 		MEDIUM The char_buffer_read function in the mod_ssl module for Apache 2.x, when using reverse proxying to an SSL server, allows remote attackers to cause a denial of service (segmentation fault). NVD-CWE-noinfo
CVE-2004-0751 cpe:2.3:a:apache:http_server:*:* 2.0.44 2.0.51 2023-11-7 10:56
2004-10-20 		Show GitHub Exploit DB Packet Storm
217 -
5.0 		MEDIUM The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and earlier allow remote attackers to cause a denial of service (child process crash) via a certain URI, as demonstrated using … NVD-CWE-noinfo
CVE-2004-0786 cpe:2.3:a:apache:http_server:*:* 2.0.35 2.0.51 2023-11-7 10:56
2004-10-20 		Show GitHub Exploit DB Packet Storm
218 7.8
4.6 		HIGH
Local 		Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a .htaccess file that causes the overflow during expansion of environment variables. CWE-131
Incorrect Calculation of Buffer Size 		CVE-2004-0747 cpe:2.3:a:apache:http_server:*:* 2.0.35 2.0.51 2024-02-2 23:03
2004-10-20 		Show GitHub Exploit DB Packet Storm
219 -
5.0 		MEDIUM The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV au… NVD-CWE-noinfo
CVE-2004-0809 cpe:2.3:a:apache:http_server:*:* 2.0.35 2.0.51 2023-11-7 10:56
2004-09-16 		Show GitHub Exploit DB Packet Storm
220 -
10.0 		HIGH Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a nega… NVD-CWE-Other
CVE-2004-0492 cpe:2.3:a:apache:http_server:1.3.31:*
cpe:2.3:a:apache:http_server:1.3.29:*
cpe:2.3:a:apache:http_server:1.3.28:*… 		2023-11-7 10:56
2004-08-6 		Show GitHub Exploit DB Packet Storm