Apache: Security Vulnerabilities
When a call-site passes a subject for an email that contains line-breaks in Apache Commons Email 1.0 through 1.4, the caller can add arbitrary SMTP headers.
CVSS Score
7.5
EPSS Score
0.013
Published
2017-08-07
In Apache HTTP Server versions 2.4.0 to 2.4.23, mod_session_crypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation (AES256-CBC by default), hence no selectable or builtin authenticated encryption. This made it vulnerable to padding oracle attacks, particularly with CBC.
CVSS Score
7.5
EPSS Score
0.417
Published
2017-07-27
In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause the server to crash, and each instance continues to crash even for subsequently valid requests.
CVSS Score
7.5
EPSS Score
0.396
Published
2017-07-27
Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in any chain of proxies or interacts with back-end application servers, either through mod_proxy or using conventional CGI mechanisms, and may result in request smuggling, response splitting and cache pollution.
CVSS Score
7.5
EPSS Score
0.084
Published
2017-07-27
A maliciously constructed HTTP/2 request could cause mod_http2 in Apache HTTP Server 2.4.24, 2.4.25 to dereference a NULL pointer and crash the server process.
CVSS Score
7.5
EPSS Score
0.384
Published
2017-07-26
In the XSS Protection API module before 1.0.12 in Apache Sling, the encoding done by the XSSAPI.encodeForJSString() method is not restrictive enough and for some input patterns allows script tags to pass through unencoded, leading to potential XSS vulnerabilities.
CVSS Score
6.1
EPSS Score
0.011
Published
2017-07-19
In the XSS Protection API module before 1.0.12 in Apache Sling, the method XSS.getValidXML() uses an insecure SAX parser to validate the input string, which allows for XXE attacks in all scripts which use this method to validate user input, potentially allowing an attacker to read sensitive data on the filesystem, perform same-site-request-forgery (SSRF), port-scanning behind the firewall or DoS the application.
CVSS Score
9.8
EPSS Score
0.013
Published
2017-07-19
Apache OpenMeetings 1.0.0 responds to the following insecure HTTP methods: PUT, DELETE, HEAD, and PATCH.
CVSS Score
5.3
EPSS Score
0.011
Published
2017-07-17
Apache OpenMeetings 1.0.0 updates user password in insecure manner.
CVSS Score
7.5
EPSS Score
0.011
Published
2017-07-17
Both global and Room chat are vulnerable to XSS attack in Apache OpenMeetings 3.2.0.
CVSS Score
6.1
EPSS Score
0.008
Published
2017-07-17