Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Apache HTTP Server Number Of NVD 298 CRITICAL 25 HIGH 101 MEDIUM 159 LOW 13
URL https://httpd.apache.org/
Explanation It is the most widely used web server software in the world, and is used for everything from large commercial sites to home servers. It is also referred to simply as Apache.

The above text is excerpted from "https://ja.wikipedia.org/wiki/Apache_HTTP_Server".

It has become one of the open source combinations called LAMP (Linux, Apache, MySQL [MariaDB], PHP).
Tag
  • オープンソース
  • Apache License v2.0
Add Information URL
No Type Name URL
1 https://httpd.apache.org/download.cgi
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
231 Apache HTTP Server 2.4 2.4.67 May 4, 2026 Feb. 21, 2012 22 39 36 1
232 Apache HTTP Server 2.0 2.0.65 July 10, 2013 April 6, 2002 July 10, 2013 9 29 73 5
233 Apache HTTP Server 2.3 2.3.9 8 10 9 0
234 Apache HTTP Server 2.2 2.2.9 12 21 69 7
235 Apache HTTP Server 2.1 2.1.9 9 10 13 0
236 Apache HTTP Server 2.0 2.0.9 9 22 54 4
237 Apache HTTP Server 12.2 12.2.1.3.0 0 0 0 0
238 Apache HTTP Server 12.1 12.1.3.0.0 0 0 0 0
239 Apache HTTP Server 11.1 11.1.1.9.0 0 0 0 0
240 Apache HTTP Server 1.99 1.99 9 12 12 0
241 Apache HTTP Server 1.4 1.4.0 9 12 12 0
242 Apache HTTP Server 1.3 1.3.9 10 28 43 3
243 Apache HTTP Server 1.2 1.2.9 9 17 19 0
244 Apache HTTP Server 1.15 1.15.17 9 13 12 0
245 Apache HTTP Server 1.1 1.1.1 9 19 20 0
246 Apache HTTP Server 1.0 1.0.5 9 18 20 0
247 Apache HTTP Server 0.8 0.8.14 9 17 19 0
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
231 -
4.3 		MEDIUM The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the server's file descriptors, as demonstrated … NVD-CWE-Other
CVE-2003-1307 cpe:2.3:a:apache:http_server:2.0:*
cpe:2.3:a:apache:http_server:2.0.9:*
cpe:2.3:a:apache:http_server:2.0.48:*
 2024-08-8 12:15
2003-12-31 		Show GitHub Exploit DB Packet Storm
232 -
7.2 		HIGH Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbit… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2003-0542 cpe:2.3:a:apache:http_server:2.0:*
cpe:2.3:a:apache:http_server:2.0.47:*
cpe:2.3:a:apache:http_server:2.0.46:* 		2023-11-7 10:56
2003-11-3 		Show GitHub Exploit DB Packet Storm
233 -
10.0 		HIGH mod_cgid in Apache before 2.0.48, when using a threaded MPM, does not properly handle CGI redirect paths, which could cause Apache to send the output of a CGI program to the wrong client. NVD-CWE-noinfo
CVE-2003-0789 cpe:2.3:a:apache:http_server:*:* 2.0.35 2.0.48 2023-11-7 10:56
2003-11-3 		Show GitHub Exploit DB Packet Storm
234 -
5.0 		MEDIUM The rotatelogs program on Apache before 1.3.28, for Windows and OS/2 systems, does not properly ignore certain control characters that are received over the pipe, which could allow remote attackers t… NVD-CWE-Other
CVE-2003-0460 cpe:2.3:a:apache:http_server:*:* 1.3.27 2023-11-7 10:56
2003-08-27 		Show GitHub Exploit DB Packet Storm
235 -
6.4 		MEDIUM Apache 2 before 2.0.47, and certain versions of mod_ssl for Apache 1.3, do not properly handle "certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrad… NVD-CWE-Other
CVE-2003-0192 cpe:2.3:a:apache:http_server:2.0:*
cpe:2.3:a:apache:http_server:2.0.46:*
cpe:2.3:a:apache:http_server:2.0.45:* 		2023-11-7 10:56
2003-08-18 		Show GitHub Exploit DB Packet Storm
236 -
5.0 		MEDIUM The prefork MPM in Apache 2 before 2.0.47 does not properly handle certain errors from accept, which could lead to a denial of service. NVD-CWE-Other
CVE-2003-0253 cpe:2.3:a:apache:http_server:2.0:*
cpe:2.3:a:apache:http_server:2.0.46:*
cpe:2.3:a:apache:http_server:2.0.45:* 		2023-11-7 10:56
2003-08-18 		Show GitHub Exploit DB Packet Storm
237 -
5.0 		MEDIUM Apache 2 before 2.0.47, when running on an IPv6 host, allows attackers to cause a denial of service (CPU consumption by infinite loop) when the FTP proxy server fails to create an IPv6 socket. NVD-CWE-Other
CVE-2003-0254 cpe:2.3:a:apache:http_server:2.0:*
cpe:2.3:a:apache:http_server:2.0.46:*
cpe:2.3:a:apache:http_server:2.0.45:* 		2023-11-7 10:56
2003-08-18 		Show GitHub Exploit DB Packet Storm
238 -
5.0 		MEDIUM The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads safely when using the crypt_r or crypt functions, which allows remote attackers to cause a denial o… NVD-CWE-Other
CVE-2003-0189 cpe:2.3:a:apache:http_server:2.0.45:*
cpe:2.3:a:apache:http_server:2.0.44:*
cpe:2.3:a:apache:http_server:2.0.43:*… 		2023-11-7 10:56
2003-06-9 		Show GitHub Exploit DB Packet Storm
239 -
5.0 		MEDIUM Vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library for Apache 2.0.37 through 2.0.45 allows remote attackers to cause a denial of service (crash) and possibly exec… NVD-CWE-Other
CVE-2003-0245 cpe:2.3:a:apache:http_server:2.0.45:*
cpe:2.3:a:apache:http_server:2.0.44:*
cpe:2.3:a:apache:http_server:2.0.43:*… 		2023-11-7 10:56
2003-06-9 		Show GitHub Exploit DB Packet Storm
240 -
5.0 		MEDIUM A memory leak in Apache 2.0 through 2.0.44 allows remote attackers to cause a denial of service (memory consumption) via large chunks of linefeed characters, which causes Apache to allocate 80 bytes … CWE-772
 Missing Release of Resource after Effective Lifetime 		CVE-2003-0132 cpe:2.3:a:apache:http_server:*:* 2.0.0 2.0.44 2023-11-7 10:56
2003-04-11 		Show GitHub Exploit DB Packet Storm