Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Apache HTTP Server — Vulnerabilities & Security Advisories 109

All 109 CVE vulnerabilities found in Apache HTTP Server, with AI-generated Chinese analysis, references, and POCs.

Vendor: Apache Software Foundation

CVE IDTitleCVSSSeverityPublished
CVE-2025-58098 Apache HTTP Server: Server Side Includes adds query string to #exec cmd=... CWE-201 8.1 -2025-12-05
CVE-2025-66200 Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo 8.3 -2025-12-05
CVE-2025-65082 Apache HTTP Server: CGI environment variable override CWE-150 7.5 -2025-12-05
CVE-2025-59775 Apache HTTP Server: NTLM Leakage on Windows through UNC SSRF CWE-918 5.3 -2025-12-05
CVE-2025-55753 Apache HTTP Server: mod_md (ACME), unintended retry intervals CWE-190--2025-12-05
CVE-2025-54090 Apache HTTP Server: 'RewriteCond expr' always evaluates to true in 2.4.64 CWE-253 7.5 -2025-07-23
CVE-2025-53020 Apache HTTP Server: HTTP/2 DoS by Memory Increase CWE-401 9.1 -2025-07-10
CVE-2025-49812 Apache HTTP Server: mod_ssl TLS upgrade attack CWE-287 7.4AIHighAI2025-07-10
CVE-2025-49630 Apache HTTP Server: mod_proxy_http2 denial of service CWE-617 7.5AIHighAI2025-07-10
CVE-2025-23048 Apache HTTP Server: mod_ssl access control bypass with session resumption CWE-284 8.1AIHighAI2025-07-10
CVE-2024-43394 Apache HTTP Server: SSRF on Windows due to UNC paths CWE-918 7.5 -2025-07-10
CVE-2024-47252 Apache HTTP Server: mod_ssl error log variable escaping CWE-150 5.3AIMediumAI2025-07-10
CVE-2024-43204 Apache HTTP Server: SSRF with mod_headers setting Content-Type header CWE-918 5.9AIMediumAI2025-07-10
CVE-2024-42516 Apache HTTP Server: HTTP response splitting CWE-20 5.3AIMediumAI2025-07-10
CVE-2024-40725 Apache HTTP Server: source code disclosure with handlers configured via AddType CWE-668 7.5 -2024-07-18
CVE-2024-40898 Apache HTTP Server: SSRF with mod_rewrite in server/vhost context on Windows CWE-918 7.5AIHighAI2024-07-18
CVE-2024-39884 Apache HTTP Server: source code disclosure with handlers configured via AddType 7.5 -2024-07-04
CVE-2024-39573 Apache HTTP Server: mod_rewrite proxy handler substitution CWE-20 9.3AICriticalAI2024-07-01
CVE-2024-38477 Apache HTTP Server: Crash resulting in Denial of Service in mod_proxy via a malicious request CWE-476 7.5 -2024-07-01
CVE-2024-38476 Apache HTTP Server may use exploitable/malicious backend application output to run local handlers via internal redirect CWE-829 9.1AICriticalAI2024-07-01
CVE-2024-38475 Apache HTTP Server weakness in mod_rewrite when first segment of substitution matches filesystem path. CWE-116 9.8AICriticalAI2024-07-01
CVE-2024-38474 Apache HTTP Server weakness with encoded question marks in backreferences CWE-116 9.8AICriticalAI2024-07-01
CVE-2024-38473 Apache HTTP Server proxy encoding problem CWE-116 9.8AICriticalAI2024-07-01
CVE-2024-38472 Apache HTTP Server on WIndows UNC SSRF CWE-918 7.5AIHighAI2024-07-01
CVE-2024-36387 Apache HTTP Server: DoS by Null pointer in websocket over HTTP/2 CWE-476 7.5AIHighAI2024-07-01
CVE-2024-27316 Apache HTTP Server: HTTP/2 DoS by memory exhaustion on endless continuation frames CWE-770 7.5 -2024-04-04
CVE-2024-24795 Apache HTTP Server: HTTP Response Splitting in multiple modules CWE-113 9.1 -2024-04-04
CVE-2023-38709 Apache HTTP Server: HTTP response splitting 7.5 -2024-04-04
CVE-2023-31122 Apache HTTP Server: mod_macro buffer over-read CWE-125 7.5 -2023-10-23
CVE-2023-43622 Apache HTTP Server: DoS in HTTP/2 with initial windows size 0 CWE-400 7.5 -2023-10-23

All 109 known CVE vulnerabilities affecting Apache HTTP Server with full Chinese analysis, references, and POCs where available.