Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Apache HTTP Server Number Of NVD 283 CRITICAL 22 HIGH 92 MEDIUM 156 LOW 13
URL https://httpd.apache.org/
Explanation It is the most widely used web server software in the world, and is used for everything from large commercial sites to home servers. It is also referred to simply as Apache.

The above text is excerpted from "https://ja.wikipedia.org/wiki/Apache_HTTP_Server".

It has become one of the open source combinations called LAMP (Linux, Apache, MySQL [MariaDB], PHP).
Tag
  • Apache License v2.0
  • オープンソース
Add Information URL
No Type Name URL
1 https://httpd.apache.org/download.cgi
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
191 Apache HTTP Server 2.4 2.4.66 Dec. 4, 2025 Feb. 21, 2012 19 33 33 1
192 Apache HTTP Server 2.0 2.0.65 July 10, 2013 April 6, 2002 July 10, 2013 8 28 72 5
193 Apache HTTP Server 2.3 2.3.9 7 9 8 0
194 Apache HTTP Server 2.2 2.2.9 11 20 68 7
195 Apache HTTP Server 2.1 2.1.9 8 9 12 0
196 Apache HTTP Server 2.0 2.0.9 8 21 53 4
197 Apache HTTP Server 12.2 12.2.1.3.0 0 0 0 0
198 Apache HTTP Server 12.1 12.1.3.0.0 0 0 0 0
199 Apache HTTP Server 11.1 11.1.1.9.0 0 0 0 0
200 Apache HTTP Server 1.99 1.99 8 11 11 0
201 Apache HTTP Server 1.4 1.4.0 8 11 11 0
202 Apache HTTP Server 1.3 1.3.9 9 27 42 3
203 Apache HTTP Server 1.2 1.2.9 8 16 18 0
204 Apache HTTP Server 1.15 1.15.17 8 12 11 0
205 Apache HTTP Server 1.1 1.1.1 8 18 19 0
206 Apache HTTP Server 1.0 1.0.5 8 17 19 0
207 Apache HTTP Server 0.8 0.8.14 8 16 18 0
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
191 -
4.3 		MEDIUM The Apache HTTP server before 1.3.34, and 2.0.x before 2.0.55, when acting as an HTTP proxy, allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct X… CWE-444
HTTP Request Smuggling 		CVE-2005-2088 cpe:2.3:a:apache:http_server:*:* 2.0.35 2.0.55 2024-02-9 11:40
2005-07-5 		Show GitHub Exploit DB Packet Storm
192 -
7.5 		HIGH Buffer overflow in htdigest in Apache 2.0.52 may allow attackers to execute arbitrary code via a long realm argument. NOTE: since htdigest is normally only locally accessible and not setuid or setgi… NVD-CWE-Other
CVE-2005-1344 cpe:2.3:a:apache:http_server:2.0.52:* 2008-09-11 04:38
2005-05-2 		Show GitHub Exploit DB Packet Storm
193 -
5.0 		MEDIUM Apache webserver 2.0.52 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an HTTP GET request with a MIME header containing multiple lines with a large number of … NVD-CWE-Other
CVE-2004-0942 cpe:2.3:a:apache:http_server:*:* 2.0.52 2023-11-7 10:56
2005-02-9 		Show GitHub Exploit DB Packet Storm
194 7.8
6.9 		HIGH
Local 		Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents… CWE-131
Incorrect Calculation of Buffer Size 		CVE-2004-0940 cpe:2.3:a:apache:http_server:*:* 1.3 1.3.32 2024-02-2 12:05
2005-02-9 		Show GitHub Exploit DB Packet Storm
195 -
2.1 		LOW The check_forensic script in apache-utils package 1.3.31 allows local users to overwrite or create arbitrary files via a symlink attack on temporary files. NVD-CWE-Other
CVE-2004-1387 cpe:2.3:a:apache:http_server:1.3.31:* 2018-10-4 06:29
2004-12-31 		Show GitHub Exploit DB Packet Storm
196 -
7.5 		HIGH Unknown vulnerability in Apache 2.0.51 prevents "the merging of the Satisfy directive," which could allow attackers to obtain access to restricted resources contrary to the specified authentication c… NVD-CWE-Other
CVE-2004-0811 cpe:2.3:a:apache:http_server:2.0.51:* 2023-11-7 10:56
2004-12-31 		Show GitHub Exploit DB Packet Storm
197 -
7.2 		HIGH Apache HTTP Server 2.0.47 and earlier allows local users to bypass .htaccess file restrictions, as specified in httpd.conf with directives such as Deny From All, by using an ErrorDocument directive. … NVD-CWE-Other
CVE-2004-2343 cpe:2.3:a:apache:http_server:*:* 2.0.47 2024-08-8 11:15
2004-12-31 		Show GitHub Exploit DB Packet Storm
198 -
5.0 		MEDIUM PHP 4.3.4 and earlier in Apache 1.x and 2.x (mod_php) can leak global variables between virtual hosts that are handled by the same Apache child process but have different settings, which could allow … NVD-CWE-Other
CVE-2004-0263 cpe:2.3:a:apache:http_server:2.0:*
cpe:2.3:a:apache:http_server:2.0.9:*
cpe:2.3:a:apache:http_server:2.0.48:*
 2017-10-10 10:30
2004-11-23 		Show GitHub Exploit DB Packet Storm
199 -
7.5 		HIGH The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any ciph… NVD-CWE-Other
CVE-2004-0885 cpe:2.3:a:apache:http_server:2.0.52:*
cpe:2.3:a:apache:http_server:2.0.51:*
cpe:2.3:a:apache:http_server:2.0.50:*… 		2023-11-7 10:56
2004-11-3 		Show GitHub Exploit DB Packet Storm
200 -
5.0 		MEDIUM mod_ssl in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (CPU consumption) by aborting an SSL connection in a way that causes an Apache child process to enter an infi… CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2004-0748 cpe:2.3:a:apache:http_server:*:* 2.0.35 2.0.51 2023-11-7 10:56
2004-10-20 		Show GitHub Exploit DB Packet Storm