Software Detail

Software Informaton Top

Web Server

Software Detail

Apache HTTP Server

Number Of NVD

283

CRITICAL

HIGH

MEDIUM

156

LOW

URL	https://httpd.apache.org/
Explanation	It is the most widely used web server software in the world, and is used for everything from large commercial sites to home servers. It is also referred to simply as Apache. The above text is excerpted from "https://ja.wikipedia.org/wiki/Apache_HTTP_Server". It has become one of the open source combinations called LAMP (Linux, Apache, MySQL [MariaDB], PHP).
Tag	Apache License v2.0 オープンソース

Add Information URL

No	Type	Name	URL
1			https://httpd.apache.org/download.cgi

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Initial release	Security Support Service Pack Support	Critical	High	Medium	Low
221	Apache HTTP Server 2.4	2.4.66	Dec. 4, 2025	Feb. 21, 2012		19	33	33	1
222	Apache HTTP Server 2.0	2.0.65	July 10, 2013	April 6, 2002	July 10, 2013	8	28	72	5
223	Apache HTTP Server 2.3	2.3.9				7	9	8	0
224	Apache HTTP Server 2.2	2.2.9				11	20	68	7
225	Apache HTTP Server 2.1	2.1.9				8	9	12	0
226	Apache HTTP Server 2.0	2.0.9				8	21	53	4
227	Apache HTTP Server 12.2	12.2.1.3.0				0	0	0	0
228	Apache HTTP Server 12.1	12.1.3.0.0				0	0	0	0
229	Apache HTTP Server 11.1	11.1.1.9.0				0	0	0	0
230	Apache HTTP Server 1.99	1.99				8	11	11	0
231	Apache HTTP Server 1.4	1.4.0				8	11	11	0
232	Apache HTTP Server 1.3	1.3.9				9	27	42	3
233	Apache HTTP Server 1.2	1.2.9				8	16	18	0
234	Apache HTTP Server 1.15	1.15.17				8	12	11	0
235	Apache HTTP Server 1.1	1.1.1				8	18	19	0
236	Apache HTTP Server 1.0	1.0.5				8	17	19	0
237	Apache HTTP Server 0.8	0.8.14				8	16	18	0

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	or higher	or less	less than	Update date Published date	Show Affected	Exploit PoC Search
221	- 5.0	MEDIUM	The prefork MPM in Apache 2 before 2.0.47 does not properly handle certain errors from accept, which could lead to a denial of service.	NVD-CWE-Other	CVE-2003-0253	cpe:2.3:a:apache:http_server:2.0:* cpe:2.3:a:apache:http_server:2.0.46:* cpe:2.3:a:apache:http_server:2.0.45:*				2023-11-7 10:56 2003-08-18	Show	GitHub Exploit DB Packet Storm

222	- 5.0	MEDIUM	Apache 2 before 2.0.47, when running on an IPv6 host, allows attackers to cause a denial of service (CPU consumption by infinite loop) when the FTP proxy server fails to create an IPv6 socket.	NVD-CWE-Other	CVE-2003-0254	cpe:2.3:a:apache:http_server:2.0:* cpe:2.3:a:apache:http_server:2.0.46:* cpe:2.3:a:apache:http_server:2.0.45:*				2023-11-7 10:56 2003-08-18	Show	GitHub Exploit DB Packet Storm

223	- 5.0	MEDIUM	The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads safely when using the crypt_r or crypt functions, which allows remote attackers to cause a denial o…	NVD-CWE-Other	CVE-2003-0189	cpe:2.3:a:apache:http_server:2.0.45:* cpe:2.3:a:apache:http_server:2.0.44:* cpe:2.3:a:apache:http_server:2.0.43:*…				2023-11-7 10:56 2003-06-9	Show	GitHub Exploit DB Packet Storm

224	- 5.0	MEDIUM	Vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library for Apache 2.0.37 through 2.0.45 allows remote attackers to cause a denial of service (crash) and possibly exec…	NVD-CWE-Other	CVE-2003-0245	cpe:2.3:a:apache:http_server:2.0.45:* cpe:2.3:a:apache:http_server:2.0.44:* cpe:2.3:a:apache:http_server:2.0.43:*…				2023-11-7 10:56 2003-06-9	Show	GitHub Exploit DB Packet Storm

225	- 5.0	MEDIUM	A memory leak in Apache 2.0 through 2.0.44 allows remote attackers to cause a denial of service (memory consumption) via large chunks of linefeed characters, which causes Apache to allocate 80 bytes …	CWE-772 Missing Release of Resource after Effective Lifetime	CVE-2003-0132	cpe:2.3:a:apache:http_server::	2.0.0	2.0.44		2023-11-7 10:56 2003-04-11	Show	GitHub Exploit DB Packet Storm

226	- 5.0	MEDIUM	Unknown vulnerability in filestat.c for Apache running on OS2, versions 2.0 through 2.0.45, allows unknown attackers to cause a denial of service via requests related to device names.	NVD-CWE-Other	CVE-2003-0134	cpe:2.3:a:apache:http_server:2.0:* cpe:2.3:a:apache:http_server:2.0.9:* cpe:2.3:a:apache:http_server:2.0.45:* …				2023-11-7 10:56 2003-04-11	Show	GitHub Exploit DB Packet Storm

227	- 5.0	MEDIUM	Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into t…	NVD-CWE-Other	CVE-2003-0083	cpe:2.3:a:apache:http_server::	2.0.0 1.3.0		2.0.46 1.3.26	2023-11-7 10:56 2003-04-2	Show	GitHub Exploit DB Packet Storm

228	- 5.0	MEDIUM	Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to …	NVD-CWE-Other	CVE-2003-0020	cpe:2.3:a:apache:http_server::	2.0.0 1.3.0		2.0.49 1.3.31	2023-11-7 10:56 2003-03-18	Show	GitHub Exploit DB Packet Storm

229	- 7.5	HIGH	Apache before 2.0.44, when running on unpatched Windows 9x and Me operating systems, allows remote attackers to cause a denial of service or execute arbitrary code via an HTTP request containing MS-D…	NVD-CWE-Other	CVE-2003-0016	cpe:2.3:a:apache:http_server:2.0.43:* cpe:2.3:a:apache:http_server:2.0.42:* cpe:2.3:a:apache:http_server:2.0.41:*…				2023-11-7 10:56 2003-02-7	Show	GitHub Exploit DB Packet Storm

230	- 5.0	MEDIUM	Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an HTTP request that ends in certain illegal characters such as ">", which causes a different filenam…	NVD-CWE-Other	CVE-2003-0017	cpe:2.3:a:apache:http_server:2.0.43:* cpe:2.3:a:apache:http_server:2.0.42:* cpe:2.3:a:apache:http_server:2.0.41:*…				2023-11-7 10:56 2003-02-7	Show	GitHub Exploit DB Packet Storm