Software Detail

Software Informaton Top

Web Server

Software Detail

Apache HTTP Server

Number Of NVD

283

CRITICAL

HIGH

MEDIUM

156

LOW

URL	https://httpd.apache.org/
Explanation	It is the most widely used web server software in the world, and is used for everything from large commercial sites to home servers. It is also referred to simply as Apache. The above text is excerpted from "https://ja.wikipedia.org/wiki/Apache_HTTP_Server". It has become one of the open source combinations called LAMP (Linux, Apache, MySQL [MariaDB], PHP).
Tag	オープンソース Apache License v2.0

Add Information URL

No	Type	Name	URL
1			https://httpd.apache.org/download.cgi

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Initial release	Security Support Service Pack Support	Critical	High	Medium	Low
121	Apache HTTP Server 2.4	2.4.66	Dec. 4, 2025	Feb. 21, 2012		19	33	33	1
122	Apache HTTP Server 2.0	2.0.65	July 10, 2013	April 6, 2002	July 10, 2013	8	28	72	5
123	Apache HTTP Server 2.3	2.3.9				7	9	8	0
124	Apache HTTP Server 2.2	2.2.9				11	20	68	7
125	Apache HTTP Server 2.1	2.1.9				8	9	12	0
126	Apache HTTP Server 2.0	2.0.9				8	21	53	4
127	Apache HTTP Server 12.2	12.2.1.3.0				0	0	0	0
128	Apache HTTP Server 12.1	12.1.3.0.0				0	0	0	0
129	Apache HTTP Server 11.1	11.1.1.9.0				0	0	0	0
130	Apache HTTP Server 1.99	1.99				8	11	11	0
131	Apache HTTP Server 1.4	1.4.0				8	11	11	0
132	Apache HTTP Server 1.3	1.3.9				9	27	42	3
133	Apache HTTP Server 1.2	1.2.9				8	16	18	0
134	Apache HTTP Server 1.15	1.15.17				8	12	11	0
135	Apache HTTP Server 1.1	1.1.1				8	18	19	0
136	Apache HTTP Server 1.0	1.0.5				8	17	19	0
137	Apache HTTP Server 0.8	0.8.14				8	16	18	0

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	or higher	or less	less than	Update date Published date	Show Affected	Exploit PoC Search
121	- 4.6	MEDIUM	scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a …	NVD-CWE-noinfo	CVE-2012-0031	cpe:2.3:a:apache:http_server::	2.0.0 2.2.0		2.0.65 2.2.22	2024-11-21 10:34 2012-01-19	Show	GitHub Exploit DB Packet Storm

122	- 5.0	MEDIUM	The Apache HTTP Server 1.x and 2.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris, related to the lack of the mod_reqtime…	CWE-399 Resource Management Errors	CVE-2007-6750	cpe:2.3:a:apache:http_server:2.2:* cpe:2.3:a:apache:http_server:2.2.9:* cpe:2.3:a:apache:http_server:2.2.8:* c…		2.2.14		2024-11-21 09:40 2011-12-28	Show	GitHub Exploit DB Packet Storm

123	- 4.3	MEDIUM	The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use o…	CWE-20 Improper Input Validation	CVE-2011-4317	cpe:2.3:a:apache:http_server:2.2.9:* cpe:2.3:a:apache:http_server:2.2.8:* cpe:2.3:a:apache:http_server:2.2.6:*				2024-11-21 10:32 2011-11-30	Show	GitHub Exploit DB Packet Storm

124	- 4.3	MEDIUM	The mod_proxy module in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x before 2.2.18, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2…	CWE-20 Improper Input Validation	CVE-2011-3639	cpe:2.3:a:apache:http_server:2.2.9:* cpe:2.3:a:apache:http_server:2.2.8:* cpe:2.3:a:apache:http_server:2.2.6:*				2024-11-21 10:30 2011-11-30	Show	GitHub Exploit DB Packet Storm

125	- 1.2	LOW	The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, does not restrict the size of values of envi…	CWE-20 Improper Input Validation	CVE-2011-4415	cpe:2.3:a:apache:http_server:2.2.9:* cpe:2.3:a:apache:http_server:2.2.8:* cpe:2.3:a:apache:http_server:2.2.6:*				2024-11-21 10:32 2011-11-8	Show	GitHub Exploit DB Packet Storm

126	- 4.4	MEDIUM	Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to ga…	CWE-189 Numeric Errors	CVE-2011-3607	cpe:2.3:a:apache:http_server:2.2.9:* cpe:2.3:a:apache:http_server:2.2.8:* cpe:2.3:a:apache:http_server:2.2.6:*				2024-11-21 10:30 2011-11-8	Show	GitHub Exploit DB Packet Storm

127	- 5.0	MEDIUM	The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch patte…	CWE-20 Improper Input Validation	CVE-2011-3368	cpe:2.3:a:apache:http_server:2.2.9:* cpe:2.3:a:apache:http_server:2.2.8:* cpe:2.3:a:apache:http_server:2.2.6:*				2024-11-21 10:30 2011-10-6	Show	GitHub Exploit DB Packet Storm

128	- 4.3	MEDIUM	The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error s…	CWE-400 Uncontrolled Resource Consumption	CVE-2011-3348	cpe:2.3:a:apache:http_server::	2.2.12	2.2.20		2024-11-21 10:30 2011-09-20	Show	GitHub Exploit DB Packet Storm

129	- 7.8	HIGH	The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range head…	CWE-400 Uncontrolled Resource Consumption	CVE-2011-3192	cpe:2.3:a:apache:http_server::	2.2.0 2.0.35		2.2.20 2.0.65	2024-11-21 10:29 2011-08-30	Show	GitHub Exploit DB Packet Storm

130	- 4.3	MEDIUM	The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service (infi…	CWE-399 Resource Management Errors	CVE-2011-1928	cpe:2.3:a:apache:http_server:2.2.18:*				2024-11-21 10:27 2011-05-25	Show	GitHub Exploit DB Packet Storm