Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Apache HTTP Server Number Of NVD 298 CRITICAL 25 HIGH 101 MEDIUM 159 LOW 13
URL https://httpd.apache.org/
Explanation It is the most widely used web server software in the world, and is used for everything from large commercial sites to home servers. It is also referred to simply as Apache.

The above text is excerpted from "https://ja.wikipedia.org/wiki/Apache_HTTP_Server".

It has become one of the open source combinations called LAMP (Linux, Apache, MySQL [MariaDB], PHP).
Tag
  • オープンソース
  • Apache License v2.0
Add Information URL
No Type Name URL
1 https://httpd.apache.org/download.cgi
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
271 Apache HTTP Server 2.4 2.4.67 May 4, 2026 Feb. 21, 2012 22 39 36 1
272 Apache HTTP Server 2.0 2.0.65 July 10, 2013 April 6, 2002 July 10, 2013 9 29 73 5
273 Apache HTTP Server 2.3 2.3.9 8 10 9 0
274 Apache HTTP Server 2.2 2.2.9 12 21 69 7
275 Apache HTTP Server 2.1 2.1.9 9 10 13 0
276 Apache HTTP Server 2.0 2.0.9 9 22 54 4
277 Apache HTTP Server 12.2 12.2.1.3.0 0 0 0 0
278 Apache HTTP Server 12.1 12.1.3.0.0 0 0 0 0
279 Apache HTTP Server 11.1 11.1.1.9.0 0 0 0 0
280 Apache HTTP Server 1.99 1.99 9 12 12 0
281 Apache HTTP Server 1.4 1.4.0 9 12 12 0
282 Apache HTTP Server 1.3 1.3.9 10 28 43 3
283 Apache HTTP Server 1.2 1.2.9 9 17 19 0
284 Apache HTTP Server 1.15 1.15.17 9 13 12 0
285 Apache HTTP Server 1.1 1.1.1 9 19 20 0
286 Apache HTTP Server 1.0 1.0.5 9 18 20 0
287 Apache HTTP Server 0.8 0.8.14 9 17 19 0
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
271 9.8
7.5 		CRITICAL
Network 		Apache on MacOS X Client 10.0.3 with the HFS+ file system allows remote attackers to bypass access restrictions via a URL that contains some characters whose case is not matched by Apache's filters. CWE-178
 Improper Handling of Case Sensitivity 		CVE-2001-0766 cpe:2.3:a:apache:http_server:1.3.14:* 2024-02-2 11:13
2001-10-18 		Show GitHub Exploit DB Packet Storm
272 -
5.0 		MEDIUM Apache 1.3.20 with Multiviews enabled allows remote attackers to view directory contents and bypass the index page via a URL containing the "M=D" query string. NVD-CWE-Other
CVE-2001-0731 cpe:2.3:a:apache:http_server:1.3.20:* 2023-11-7 10:55
2001-10-1 		Show GitHub Exploit DB Packet Storm
273 -
5.0 		MEDIUM Apache with mod_rewrite enabled on most UNIX systems allows remote attackers to bypass RewriteRules by inserting extra / (slash) characters into the requested path, which causes the regular expressio… NVD-CWE-Other
CVE-2001-1072 cpe:2.3:a:apache:http_server:1.3.19:*
cpe:2.3:a:apache:http_server:1.3.17:*
cpe:2.3:a:apache:http_server:1.3.14:* 		2017-10-10 10:29
2001-08-31 		Show GitHub Exploit DB Packet Storm
274 -
5.0 		MEDIUM Apache before 1.3.20 on Windows and OS/2 systems allows remote attackers to cause a denial of service (GPF) via an HTTP request for a URI that contains a large number of / (slash) or other characters… NVD-CWE-Other
CVE-2001-1342 cpe:2.3:a:apache:http_server:1.3.19:*
cpe:2.3:a:apache:http_server:1.3.18:*
cpe:2.3:a:apache:http_server:1.3.17:*… 		2023-11-7 10:55
2001-05-12 		Show GitHub Exploit DB Packet Storm
275 -
3.3 		LOW htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allows local users to overwrite arbitrary files via a symlink attack. CWE-59
Link Following 		CVE-2001-0131 cpe:2.3:a:apache:http_server:2.0:alpha9
cpe:2.3:a:apache:http_server:1.3.14:* 		2020-10-10 02:52
2001-03-12 		Show GitHub Exploit DB Packet Storm
276 -
5.0 		MEDIUM The default installation of Apache before 1.3.19 allows remote attackers to list directories instead of the multiview index.html file via an HTTP request for a path that contains many / (slash) chara… CWE-22
Path Traversal 		CVE-2001-0925 cpe:2.3:a:apache:http_server:1.3.17:*
cpe:2.3:a:apache:http_server:1.3.14:*
cpe:2.3:a:apache:http_server:1.3.12:*… 		2023-11-7 10:55
2001-03-12 		Show GitHub Exploit DB Packet Storm
277 -
5.0 		MEDIUM PHP 3.x (PHP3) on Apache 1.3.6 allows remote attackers to read arbitrary files via a modified .. (dot dot) attack containing "%5c" (encoded backslash) sequences. NVD-CWE-Other
CVE-2001-0042 cpe:2.3:a:apache:http_server:1.3:* 2017-10-10 10:29
2001-02-16 		Show GitHub Exploit DB Packet Storm
278 -
5.0 		MEDIUM mod_rewrite in Apache 1.3.12 and earlier allows remote attackers to read arbitrary files if a RewriteRule directive is expanded to include a filename whose name contains a regular expression. NVD-CWE-Other
CVE-2000-0913 cpe:2.3:a:apache:http_server:1.3.12:*
cpe:2.3:a:apache:http_server:1.3.11:*
cpe:2.3:a:apache:http_server:1.1:* 		2023-11-7 10:55
2000-12-19 		Show GitHub Exploit DB Packet Storm
279 -
5.0 		MEDIUM The default configuration of Apache 1.3.12 in SuSE Linux 6.4 allows remote attackers to read source code for CGI scripts by replacing the /cgi-bin/ in the requested URL with /cgi-bin-sdb/. NVD-CWE-Other
CVE-2000-0868 cpe:2.3:a:apache:http_server:1.3.12:* 2017-10-10 10:29
2000-11-14 		Show GitHub Exploit DB Packet Storm
280 -
5.0 		MEDIUM The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary directories via the PROPFIND HTTP request method. NVD-CWE-Other
CVE-2000-0869 cpe:2.3:a:apache:http_server:1.3.12:* 2017-10-10 10:29
2000-11-14 		Show GitHub Exploit DB Packet Storm