Software Detail

Software Informaton Top

Web Server

Software Detail

Apache HTTP Server

Number Of NVD

298

CRITICAL

HIGH

101

MEDIUM

159

LOW

URL	https://httpd.apache.org/
Explanation	It is the most widely used web server software in the world, and is used for everything from large commercial sites to home servers. It is also referred to simply as Apache. The above text is excerpted from "https://ja.wikipedia.org/wiki/Apache_HTTP_Server". It has become one of the open source combinations called LAMP (Linux, Apache, MySQL [MariaDB], PHP).
Tag	オープンソース Apache License v2.0

Add Information URL

No	Type	Name	URL
1			https://httpd.apache.org/download.cgi

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Initial release	Security Support Service Pack Support	Critical	High	Medium	Low
241	Apache HTTP Server 2.4	2.4.67	May 4, 2026	Feb. 21, 2012		22	39	36	1
242	Apache HTTP Server 2.0	2.0.65	July 10, 2013	April 6, 2002	July 10, 2013	9	29	73	5
243	Apache HTTP Server 2.3	2.3.9				8	10	9	0
244	Apache HTTP Server 2.2	2.2.9				12	21	69	7
245	Apache HTTP Server 2.1	2.1.9				9	10	13	0
246	Apache HTTP Server 2.0	2.0.9				9	22	54	4
247	Apache HTTP Server 12.2	12.2.1.3.0				0	0	0	0
248	Apache HTTP Server 12.1	12.1.3.0.0				0	0	0	0
249	Apache HTTP Server 11.1	11.1.1.9.0				0	0	0	0
250	Apache HTTP Server 1.99	1.99				9	12	12	0
251	Apache HTTP Server 1.4	1.4.0				9	12	12	0
252	Apache HTTP Server 1.3	1.3.9				10	28	43	3
253	Apache HTTP Server 1.2	1.2.9				9	17	19	0
254	Apache HTTP Server 1.15	1.15.17				9	13	12	0
255	Apache HTTP Server 1.1	1.1.1				9	19	20	0
256	Apache HTTP Server 1.0	1.0.5				9	18	20	0
257	Apache HTTP Server 0.8	0.8.14				9	17	19	0

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	or higher	less than	Update date Published date	Show Affected	Exploit PoC Search
241	- 5.0	MEDIUM	Unknown vulnerability in filestat.c for Apache running on OS2, versions 2.0 through 2.0.45, allows unknown attackers to cause a denial of service via requests related to device names.	NVD-CWE-Other	CVE-2003-0134	cpe:2.3:a:apache:http_server:2.0:* cpe:2.3:a:apache:http_server:2.0.9:* cpe:2.3:a:apache:http_server:2.0.45:* …			2023-11-7 10:56 2003-04-11	Show	GitHub Exploit DB Packet Storm

242	- 5.0	MEDIUM	Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into t…	NVD-CWE-Other	CVE-2003-0083	cpe:2.3:a:apache:http_server::	2.0.0 1.3.0	2.0.46 1.3.26	2023-11-7 10:56 2003-04-2	Show	GitHub Exploit DB Packet Storm

243	- 5.0	MEDIUM	Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to …	NVD-CWE-Other	CVE-2003-0020	cpe:2.3:a:apache:http_server::	2.0.0 1.3.0	2.0.49 1.3.31	2023-11-7 10:56 2003-03-18	Show	GitHub Exploit DB Packet Storm

244	- 7.5	HIGH	Apache before 2.0.44, when running on unpatched Windows 9x and Me operating systems, allows remote attackers to cause a denial of service or execute arbitrary code via an HTTP request containing MS-D…	NVD-CWE-Other	CVE-2003-0016	cpe:2.3:a:apache:http_server:2.0.43:* cpe:2.3:a:apache:http_server:2.0.42:* cpe:2.3:a:apache:http_server:2.0.41:*…			2023-11-7 10:56 2003-02-7	Show	GitHub Exploit DB Packet Storm

245	- 5.0	MEDIUM	Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an HTTP request that ends in certain illegal characters such as ">", which causes a different filenam…	NVD-CWE-Other	CVE-2003-0017	cpe:2.3:a:apache:http_server:2.0.43:* cpe:2.3:a:apache:http_server:2.0.42:* cpe:2.3:a:apache:http_server:2.0.41:*…			2023-11-7 10:56 2003-02-7	Show	GitHub Exploit DB Packet Storm

246	- 4.6	MEDIUM	Buffer overflow in htdigest in Apache 1.3.26 and 1.3.27 may allow attackers to execute arbitrary code via a long user argument. NOTE: since htdigest is normally only locally accessible and not setui…	NVD-CWE-Other	CVE-2002-1658	cpe:2.3:a:apache:http_server:1.3.9:* cpe:2.3:a:apache:http_server:1.3.6:* cpe:2.3:a:apache:http_server:1.3.4:*			2017-07-11 10:29 2002-12-31	Show	GitHub Exploit DB Packet Storm

247	- 5.0	MEDIUM	Unknown vulnerability in Apache 1.3.19 running on HP Secure OS for Linux 1.0 allows remote attackers to cause "unexpected results" via an HTTP request.	NVD-CWE-Other	CVE-2002-2012	cpe:2.3:a:apache:http_server:1.3.19:*			2008-09-6 05:32 2002-12-31	Show	GitHub Exploit DB Packet Storm

248	- 7.5	HIGH	PHP, when installed on Windows with Apache and ScriptAlias for /php/ set to c:/php/, allows remote attackers to read arbitrary files and possibly execute arbitrary programs via an HTTP request for ph…	NVD-CWE-Other	CVE-2002-2029	cpe:2.3:a:apache:http_server:1.3.20:* cpe:2.3:a:apache:http_server:1.3.19:* cpe:2.3:a:apache:http_server:1.3.18:*…			2008-09-6 05:32 2002-12-31	Show	GitHub Exploit DB Packet Storm

249	- 5.0	MEDIUM	Apache before 1.3.24, when writing to the log file, records a spoofed hostname from the reverse lookup of an IP address, even when a double-reverse lookup fails, which allows remote attackers to hide…	NVD-CWE-Other	CVE-2002-2103	cpe:2.3:a:apache:http_server:1.3.9:* cpe:2.3:a:apache:http_server:1.3.23:* cpe:2.3:a:apache:http_server:1.3.22:*<…			2008-09-6 05:32 2002-12-31	Show	GitHub Exploit DB Packet Storm

250	- 7.8	HIGH	Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service (desynchronized communications) via an HTTP GET request with a …	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2002-2272	cpe:2.3:a:apache:http_server:1.3:* cpe:2.3:a:apache:http_server:1.3.2:* cpe:2.3:a:apache:http_server:1.3.27:* …			2017-07-29 10:29 2002-12-31	Show	GitHub Exploit DB Packet Storm