Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Apache HTTP Server Number Of NVD 298 CRITICAL 25 HIGH 101 MEDIUM 159 LOW 13
URL https://httpd.apache.org/
Explanation It is the most widely used web server software in the world, and is used for everything from large commercial sites to home servers. It is also referred to simply as Apache.

The above text is excerpted from "https://ja.wikipedia.org/wiki/Apache_HTTP_Server".

It has become one of the open source combinations called LAMP (Linux, Apache, MySQL [MariaDB], PHP).
Tag
  • オープンソース
  • Apache License v2.0
Add Information URL
No Type Name URL
1 https://httpd.apache.org/download.cgi
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
281 Apache HTTP Server 2.4 2.4.67 May 4, 2026 Feb. 21, 2012 22 39 36 1
282 Apache HTTP Server 2.0 2.0.65 July 10, 2013 April 6, 2002 July 10, 2013 9 29 73 5
283 Apache HTTP Server 2.3 2.3.9 8 10 9 0
284 Apache HTTP Server 2.2 2.2.9 12 21 69 7
285 Apache HTTP Server 2.1 2.1.9 9 10 13 0
286 Apache HTTP Server 2.0 2.0.9 9 22 54 4
287 Apache HTTP Server 12.2 12.2.1.3.0 0 0 0 0
288 Apache HTTP Server 12.1 12.1.3.0.0 0 0 0 0
289 Apache HTTP Server 11.1 11.1.1.9.0 0 0 0 0
290 Apache HTTP Server 1.99 1.99 9 12 12 0
291 Apache HTTP Server 1.4 1.4.0 9 12 12 0
292 Apache HTTP Server 1.3 1.3.9 10 28 43 3
293 Apache HTTP Server 1.2 1.2.9 9 17 19 0
294 Apache HTTP Server 1.15 1.15.17 9 13 12 0
295 Apache HTTP Server 1.1 1.1.1 9 19 20 0
296 Apache HTTP Server 1.0 1.0.5 9 18 20 0
297 Apache HTTP Server 0.8 0.8.14 9 17 19 0
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
281 -
5.0 		MEDIUM Vulnerability in the mod_vhost_alias virtual hosting module for Apache 1.3.9, 1.3.11 and 1.3.12 allows remote attackers to obtain the source code for CGI programs if the cgi-bin directory is under th… NVD-CWE-Other
CVE-2000-1204 cpe:2.3:a:apache:http_server:1.3.9:*
cpe:2.3:a:apache:http_server:1.3.12:*
cpe:2.3:a:apache:http_server:1.3.11:* 		2023-11-7 10:55
2000-10-13 		Show GitHub Exploit DB Packet Storm
282 -
5.0 		MEDIUM The Apache 1.3.x HTTP server for Windows platforms allows remote attackers to list directory contents by requesting a URL containing a large number of / characters. NVD-CWE-Other
CVE-2000-0505 cpe:2.3:a:apache:http_server:1.3.9:*
cpe:2.3:a:apache:http_server:1.3.6:*
cpe:2.3:a:apache:http_server:1.3.12:* 		2023-11-7 10:55
2000-05-31 		Show GitHub Exploit DB Packet Storm
283 -
4.3 		MEDIUM Cross site scripting vulnerabilities in Apache 1.3.0 through 1.3.11 allow remote attackers to execute script as other web site visitors via (1) the printenv CGI (printenv.pl), which does not encode i… CWE-79
Cross-site Scripting 		CVE-2000-1205 cpe:2.3:a:apache:http_server:1.3.9:*
cpe:2.3:a:apache:http_server:1.3.8:*
cpe:2.3:a:apache:http_server:1.3.7:* 		2023-11-7 10:55
2000-02-1 		Show GitHub Exploit DB Packet Storm
284 -
10.0 		HIGH mod_proxy in Apache 1.2.5 and earlier allows remote attackers to cause a denial of service via malformed FTP commands, which causes Apache to dump core. NVD-CWE-Other
CVE-1999-1293 cpe:2.3:a:apache:http_server:*:* 1.2.5 2016-10-18 11:02
1999-12-31 		Show GitHub Exploit DB Packet Storm
285 -
5.0 		MEDIUM The Apache web server for Win32 may provide access to restricted files when a . (dot) is appended to a requested URL. NVD-CWE-noinfo
CVE-1999-0289 cpe:2.3:a:apache:http_server:-:* 2022-08-17 19:15
1999-12-12 		Show GitHub Exploit DB Packet Storm
286 -
7.5 		HIGH guestbook.pl cleanses user-inserted SSI commands by removing text between "<!--" and "-->" separators, which allows remote attackers to execute arbitrary commands when guestbook.pl is run on Apache 1… NVD-CWE-Other
CVE-1999-1053 cpe:2.3:a:apache:http_server:1.3.9:* 2008-09-6 05:18
1999-09-13 		Show GitHub Exploit DB Packet Storm
287 -
10.0 		HIGH Apache allows remote attackers to conduct a denial of service via a large number of MIME headers. NVD-CWE-Other
CVE-1999-0926 cpe:2.3:a:apache:http_server:1.2.5:* 2008-09-6 05:18
1999-09-3 		Show GitHub Exploit DB Packet Storm
288 -
5.0 		MEDIUM Vulnerability in Apache httpd before 1.3.11, when configured for mass virtual hosting using mod_rewrite, or mod_vhost_alias in Apache 1.3.9, allows remote attackers to retrieve arbitrary files. NVD-CWE-Other
CVE-2000-1206 cpe:2.3:a:apache:http_server:1.3.9:*
cpe:2.3:a:apache:http_server:1.3.10:* 		2023-11-7 10:55
1999-08-20 		Show GitHub Exploit DB Packet Storm
289 -
10.0 		HIGH Multiple buffer overflows in smbvalid/smbval SMB authentication library, as used in Apache::AuthenSmb and possibly other modules, allows remote attackers to execute arbitrary commands via (1) a long … CWE-120
Classic Buffer Overflow 		CVE-1999-1237 cpe:2.3:a:apache:http_server:-:* 2020-07-21 22:53
1999-06-6 		Show GitHub Exploit DB Packet Storm
290 -
5.0 		MEDIUM A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service (crash) via a flood of HTTP GET requests to CGI programs, which ge… NVD-CWE-noinfo
CVE-1999-1412 cpe:2.3:a:apache:http_server:-:* 2021-09-22 23:22
1999-06-3 		Show GitHub Exploit DB Packet Storm