Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Apache HTTP Server Number Of NVD 283 CRITICAL 22 HIGH 92 MEDIUM 156 LOW 13
URL https://httpd.apache.org/
Explanation It is the most widely used web server software in the world, and is used for everything from large commercial sites to home servers. It is also referred to simply as Apache.

The above text is excerpted from "https://ja.wikipedia.org/wiki/Apache_HTTP_Server".

It has become one of the open source combinations called LAMP (Linux, Apache, MySQL [MariaDB], PHP).
Tag
  • オープンソース
  • Apache License v2.0
Add Information URL
No Type Name URL
1 https://httpd.apache.org/download.cgi
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
271 Apache HTTP Server 2.4 2.4.66 Dec. 4, 2025 Feb. 21, 2012 19 33 33 1
272 Apache HTTP Server 2.0 2.0.65 July 10, 2013 April 6, 2002 July 10, 2013 8 28 72 5
273 Apache HTTP Server 2.3 2.3.9 7 9 8 0
274 Apache HTTP Server 2.2 2.2.9 11 20 68 7
275 Apache HTTP Server 2.1 2.1.9 8 9 12 0
276 Apache HTTP Server 2.0 2.0.9 8 21 53 4
277 Apache HTTP Server 12.2 12.2.1.3.0 0 0 0 0
278 Apache HTTP Server 12.1 12.1.3.0.0 0 0 0 0
279 Apache HTTP Server 11.1 11.1.1.9.0 0 0 0 0
280 Apache HTTP Server 1.99 1.99 8 11 11 0
281 Apache HTTP Server 1.4 1.4.0 8 11 11 0
282 Apache HTTP Server 1.3 1.3.9 9 27 42 3
283 Apache HTTP Server 1.2 1.2.9 8 16 18 0
284 Apache HTTP Server 1.15 1.15.17 8 12 11 0
285 Apache HTTP Server 1.1 1.1.1 8 18 19 0
286 Apache HTTP Server 1.0 1.0.5 8 17 19 0
287 Apache HTTP Server 0.8 0.8.14 8 16 18 0
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
271 -
7.5 		HIGH guestbook.pl cleanses user-inserted SSI commands by removing text between "<!--" and "-->" separators, which allows remote attackers to execute arbitrary commands when guestbook.pl is run on Apache 1… NVD-CWE-Other
CVE-1999-1053 cpe:2.3:a:apache:http_server:1.3.9:* 2008-09-6 05:18
1999-09-13 		Show GitHub Exploit DB Packet Storm
272 -
10.0 		HIGH Apache allows remote attackers to conduct a denial of service via a large number of MIME headers. NVD-CWE-Other
CVE-1999-0926 cpe:2.3:a:apache:http_server:1.2.5:* 2008-09-6 05:18
1999-09-3 		Show GitHub Exploit DB Packet Storm
273 -
5.0 		MEDIUM Vulnerability in Apache httpd before 1.3.11, when configured for mass virtual hosting using mod_rewrite, or mod_vhost_alias in Apache 1.3.9, allows remote attackers to retrieve arbitrary files. NVD-CWE-Other
CVE-2000-1206 cpe:2.3:a:apache:http_server:1.3.9:*
cpe:2.3:a:apache:http_server:1.3.10:* 		2023-11-7 10:55
1999-08-20 		Show GitHub Exploit DB Packet Storm
274 -
10.0 		HIGH Multiple buffer overflows in smbvalid/smbval SMB authentication library, as used in Apache::AuthenSmb and possibly other modules, allows remote attackers to execute arbitrary commands via (1) a long … CWE-120
Classic Buffer Overflow 		CVE-1999-1237 cpe:2.3:a:apache:http_server:-:* 2020-07-21 22:53
1999-06-6 		Show GitHub Exploit DB Packet Storm
275 -
5.0 		MEDIUM A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service (crash) via a flood of HTTP GET requests to CGI programs, which ge… NVD-CWE-noinfo
CVE-1999-1412 cpe:2.3:a:apache:http_server:-:* 2021-09-22 23:22
1999-06-3 		Show GitHub Exploit DB Packet Storm
276 -
5.0 		MEDIUM A default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server. NVD-CWE-Other
CVE-1999-0678 cpe:2.3:a:apache:http_server:-:* 2020-10-14 02:09
1999-01-17 		Show GitHub Exploit DB Packet Storm
277 -
10.0 		HIGH Apache WWW server 1.3.1 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via a large number of MIME headers with the same name, aka the "sioux" vulnerability. NVD-CWE-Other
CVE-1999-1199 cpe:2.3:a:apache:http_server:*:* 1.3.1 2023-11-7 10:55
1998-08-7 		Show GitHub Exploit DB Packet Storm
278 -
5.0 		MEDIUM Buffer overflow in Apache 1.2.5 and earlier allows a remote attacker to cause a denial of service with a large number of GET requests containing a large number of / characters. NVD-CWE-Other
CVE-1999-0107 cpe:2.3:a:apache:http_server:1.2.5:*
cpe:2.3:a:apache:http_server:1.1:*
cpe:2.3:a:apache:http_server:1.1.1:*
c… 		2022-08-17 16:15
1997-12-30 		Show GitHub Exploit DB Packet Storm
279 -
7.5 		HIGH Apache httpd cookie buffer overflow for versions 1.1.1 and earlier. NVD-CWE-Other
CVE-1999-0071 cpe:2.3:a:apache:http_server:1.1.1:* 2022-08-17 16:15
1997-09-1 		Show GitHub Exploit DB Packet Storm
280 7.5
5.0 		HIGH
Network 		ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs. CWE-200
Information Exposure 		CVE-1999-0236 cpe:2.3:a:apache:http_server:-:* 2022-08-17 16:15
1997-01-1 		Show GitHub Exploit DB Packet Storm