Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be made to crash (NULL pointer dereference) with specially crafted requests using both Content-Length and Transfer-Encoding headers, leading to a Denial of Service

The version of httpd installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-13950 advisory.

  - Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be made to crash (NULL pointer     dereference) with specially crafted requests using both Content-Length and Transfer-Encoding headers,     leading to a Denial of Service (CVE-2020-13950)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:5163 advisory.

  - httpd: mod_proxy NULL pointer dereference (CVE-2020-13950)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:5163 advisory.

  - Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be made to crash (NULL pointer     dereference) with specially crafted requests using both Content-Length and Transfer-Encoding headers,     leading to a Denial of Service (CVE-2020-13950)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-5163 advisory.

    httpd     [2.4.37-47.0.1.2]
    - Set vstring per ORACLE_SUPPORT_PRODUCT [Orabug: 29892262]
    - Replace index.html with Oracle's index page oracle_index.html

    [2.4.37-47.2]
    - Resolves: #2097247 - CVE-2020-13950 httpd:2.4/httpd: mod_proxy NULL pointer       dereference

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:5163 advisory.

    The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

    Security Fix(es):

    * httpd: mod_proxy NULL pointer dereference (CVE-2020-13950)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote host is affected by the vulnerability described in GLSA-202107-38 (Apache: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Apache. Please review       the CVE identifiers referenced below for details.
  Impact :

    Please review the referenced CVE identifiers for details.
  Workaround :

    There is no known workaround at this time.

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4614 advisory.

    This release adds the new Apache HTTP Server 2.4.37 Service Pack 10 packages that are part of the JBoss     Core Services offering.

    This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service     Pack 9 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most     significant bug fixes and enhancements included in this release.

    Security Fix(es):

    * httpd: Single zero byte stack overflow in mod_auth_digest (CVE-2020-35452)
    * httpd: mod_session NULL pointer dereference in parser (CVE-2021-26690)
    * httpd: Heap overflow in mod_session (CVE-2021-26691)
    * httpd: mod_proxy_wstunnel tunneling of non Upgraded connection (CVE-2019-17567)
    * httpd: MergeSlashes regression (CVE-2021-30641)
    * httpd: mod_proxy NULL pointer dereference (CVE-2020-13950)
    * jbcs-httpd24-openssl: openssl: NULL pointer dereference in X509_issuer_and_serial_hash()     (CVE-2021-23841)
    * openssl: Read buffer overruns processing ASN.1 strings (CVE-2021-3712)
    * openssl: integer overflow in CipherUpdate (CVE-2021-23840)
    * pcre: buffer over-read in JIT when UTF is disabled (CVE-2019-20838)
    * pcre: integer overflow in libpcre (CVE-2020-14155)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

An update of the httpd package has been released.

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2127-1 advisory.

  - Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be made to crash (NULL pointer     dereference) with specially crafted requests using both Content-Length and Transfer-Encoding headers,     leading to a Denial of Service (CVE-2020-13950)

  - Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in     mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team     could create one, though some particular compiler and/or compilation option might make it possible, with     limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow     (CVE-2020-35452)

  - Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can     cause a NULL pointer dereference and crash, leading to a possible Denial Of Service (CVE-2021-26690)

  - In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server     could cause a heap overflow (CVE-2021-26691)

  - Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'     (CVE-2021-30641)

  - Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the     size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of     these restrictions and HTTP response is sent to the client with a status code indicating why the request     was rejected. This rejection response was not fully initialised in the HTTP/2 protocol handler if the     offending header was the very first one received or appeared in a a footer. This led to a NULL pointer     dereference on initialised memory, crashing reliably the child process. Since such a triggering HTTP/2     request is easy to craft and submit, this can be exploited to DoS the server. This issue affected     mod_http2 1.15.17 and Apache HTTP Server version 2.4.47 only. Apache HTTP Server 2.4.47 was never     released. (CVE-2021-31618)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of httpd24 installed on the remote host is prior to 2.4.48-1.92. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2021-1514 advisory.

  - Apache HTTP Server versions 2.4.6 to 2.4.46 mod_proxy_wstunnel configured on an URL that is not     necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for     subsequent requests on the same connection to pass through with no HTTP validation, authentication or     authorization possibly configured. (CVE-2019-17567)

  - Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users can stop httpd on Windows     (CVE-2020-13938)

  - Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be made to crash (NULL pointer     dereference) with specially crafted requests using both Content-Length and Transfer-Encoding headers,     leading to a Denial of Service (CVE-2020-13950)

  - Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in     mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team     could create one, though some particular compiler and/or compilation option might make it possible, with     limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow     (CVE-2020-35452)

  - Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can     cause a NULL pointer dereference and crash, leading to a possible Denial Of Service (CVE-2021-26690)

  - In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server     could cause a heap overflow (CVE-2021-26691)

  - Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'     (CVE-2021-30641)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of httpd installed on the remote host is prior to 2.4.48-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1674 advisory.

  - Apache HTTP Server versions 2.4.6 to 2.4.46 mod_proxy_wstunnel configured on an URL that is not     necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for     subsequent requests on the same connection to pass through with no HTTP validation, authentication or     authorization possibly configured. (CVE-2019-17567)

  - Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users can stop httpd on Windows     (CVE-2020-13938)

  - Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be made to crash (NULL pointer     dereference) with specially crafted requests using both Content-Length and Transfer-Encoding headers,     leading to a Denial of Service (CVE-2020-13950)

  - Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in     mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team     could create one, though some particular compiler and/or compilation option might make it possible, with     limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow     (CVE-2020-35452)

  - Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can     cause a NULL pointer dereference and crash, leading to a possible Denial Of Service (CVE-2021-26690)

  - In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server     could cause a heap overflow (CVE-2021-26691)

  - Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'     (CVE-2021-30641)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2127-1 advisory.

  - Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be made to crash (NULL pointer     dereference) with specially crafted requests using both Content-Length and Transfer-Encoding headers,     leading to a Denial of Service (CVE-2020-13950)

  - Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in     mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team     could create one, though some particular compiler and/or compilation option might make it possible, with     limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow     (CVE-2020-35452)

  - Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can     cause a NULL pointer dereference and crash, leading to a possible Denial Of Service (CVE-2021-26690)

  - In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server     could cause a heap overflow (CVE-2021-26691)

  - Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'     (CVE-2021-30641)

  - Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the     size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of     these restrictions and HTTP response is sent to the client with a status code indicating why the request     was rejected. This rejection response was not fully initialised in the HTTP/2 protocol handler if the     offending header was the very first one received or appeared in a a footer. This led to a NULL pointer     dereference on initialised memory, crashing reliably the child process. Since such a triggering HTTP/2     request is easy to craft and submit, this can be exploited to DoS the server. This issue affected     mod_http2 1.15.17 and Apache HTTP Server version 2.4.47 only. Apache HTTP Server 2.4.47 was never     released. (CVE-2021-31618)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:0908-1 advisory.

  - Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be made to crash (NULL pointer     dereference) with specially crafted requests using both Content-Length and Transfer-Encoding headers,     leading to a Denial of Service (CVE-2020-13950)

  - Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in     mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team     could create one, though some particular compiler and/or compilation option might make it possible, with     limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow     (CVE-2020-35452)

  - Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can     cause a NULL pointer dereference and crash, leading to a possible Denial Of Service (CVE-2021-26690)

  - In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server     could cause a heap overflow (CVE-2021-26691)

  - Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'     (CVE-2021-30641)

  - Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the     size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of     these restrictions and HTTP response is sent to the client with a status code indicating why the request     was rejected. This rejection response was not fully initialised in the HTTP/2 protocol handler if the     offending header was the very first one received or appeared in a a footer. This led to a NULL pointer     dereference on initialised memory, crashing reliably the child process. Since such a triggering HTTP/2     request is easy to craft and submit, this can be exploited to DoS the server. This issue affected     mod_http2 1.15.17 and Apache HTTP Server version 2.4.47 only. Apache HTTP Server 2.4.47 was never     released. (CVE-2021-31618)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The Apache httpd reports :

- moderate: mod_proxy_wstunnel tunneling of non Upgraded connections (CVE-2019-17567)

- moderate: Improper Handling of Insufficient Privileges (CVE-2020-13938)

- low: mod_proxy_http NULL pointer dereference (CVE-2020-13950)

- low: mod_auth_digest possible stack overflow by one nul byte (CVE-2020-35452)

- low: mod_session NULL pointer dereference (CVE-2021-26690)

- low: mod_session response handling heap overflow (CVE-2021-26691)

- moderate: Unexpected URL matching with 'MergeSlashes OFF' (CVE-2021-30641)

- important: NULL pointer dereference on specially crafted HTTP/2 request (CVE-2021-31618)

The version of httpd installed on the remote host is prior to 2.4.48-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1659 advisory.

  - Apache HTTP Server versions 2.4.6 to 2.4.46 mod_proxy_wstunnel configured on an URL that is not     necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for     subsequent requests on the same connection to pass through with no HTTP validation, authentication or     authorization possibly configured. (CVE-2019-17567)

  - Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users can stop httpd on Windows     (CVE-2020-13938)

  - Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be made to crash (NULL pointer     dereference) with specially crafted requests using both Content-Length and Transfer-Encoding headers,     leading to a Denial of Service (CVE-2020-13950)

  - Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in     mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team     could create one, though some particular compiler and/or compilation option might make it possible, with     limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow     (CVE-2020-35452)

  - Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can     cause a NULL pointer dereference and crash, leading to a possible Denial Of Service (CVE-2021-26690)

  - In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server     could cause a heap overflow (CVE-2021-26691)

  - Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'     (CVE-2021-30641)

  - Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the     size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of     these restrictions and HTTP response is sent to the client with a status code indicating why the request     was rejected. This rejection response was not fully initialised in the HTTP/2 protocol handler if the     offending header was the very first one received or appeared in a a footer. This led to a NULL pointer     dereference on initialised memory, crashing reliably the child process. Since such a triggering HTTP/2     request is easy to craft and submit, this can be exploited to DoS the server. This issue affected     mod_http2 1.15.17 and Apache HTTP Server version 2.4.47 only. Apache HTTP Server 2.4.47 was never     released. (CVE-2021-31618)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4994-1 advisory.

    Marc Stern discovered that the Apache mod_proxy_http module incorrectly handled certain requests. A remote     attacker could possibly use this issue to cause Apache to crash, resulting in a denial of service. This     issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. (CVE-2020-13950)

    Antonio Morales discovered that the Apache mod_auth_digest module incorrectly handled certain Digest     nonces. A remote attacker could possibly use this issue to cause Apache to crash, resulting in a denial of     service. (CVE-2020-35452)

    Antonio Morales discovered that the Apache mod_session module incorrectly handled certain Cookie headers.
    A remote attacker could possibly use this issue to cause Apache to crash, resulting in a denial of     service. (CVE-2021-26690)

    Christophe Jaillet discovered that the Apache mod_session module incorrectly handled certain SessionHeader     values. A remote attacker could use this issue to cause Apache to crash, resulting in a denial of service,     or possibly execute arbitrary code. (CVE-2021-26691)

    Christoph Anton Mitterer discovered that the new MergeSlashes configuration option resulted in unexpected     behaviour in certain situations. (CVE-2021-30641)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

According to its banner, the version of Apache running on the remote host is 2.4.x prior to 2.4.48. It is, therefore, affected by multiple vulnerabilities:

 - Unexpected <Location> section matching with 'MergeSlashes OFF'. (CVE-2021-30641)

 - mod_auth_digest: possible stack overflow by one nul byte while validating the Digest nonce. (CVE-2020-35452)

 - mod_session: Fix possible crash due to NULL pointer dereference, which could be used to cause a Denial of Service with a malicious backend server and SessionHeader. (CVE-2021-26691)

 - mod_session: Fix possible crash due to NULL pointer dereference, which could be used to cause a Denial of Service. (CVE-2021-26690)

 - mod_proxy_http: Fix possible crash due to NULL pointer dereference, which could be used to cause a Denial of Service. (CVE-2020-13950)

 - Windows: Prevent local users from stopping the httpd process (CVE-2020-13938)

 - mod_proxy_wstunnel, mod_proxy_http: Handle Upgradable protocols end-to-end negotiation. (CVE-2019-17567)

 - mod_http2: Fix a potential NULL pointer dereference. (CVE-2021-31618)

Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.

New httpd packages are available for Slackware 14.0, 14.1, 14.2, and
-current to fix security issues.

The version of Apache httpd installed on the remote host is prior to 2.4.47. It is, therefore, affected by multiple vulnerabilities as referenced in the 2.4.47 changelog:

  - Unexpected <Location> section matching with 'MergeSlashes OFF' (CVE-2021-30641)

  - mod_auth_digest: possible stack overflow by one nul byte while validating the Digest nonce. (CVE-2020-35452)

  - mod_session: Fix possible crash due to NULL pointer dereference, which could be used to cause a Denial of Service     with a malicious backend server and SessionHeader. (CVE-2021-26691)

  - mod_session: Fix possible crash due to NULL pointer dereference, which could be used to cause a Denial of Service.
    (CVE-2021-26690)

  - mod_proxy_http: Fix possible crash due to NULL pointer dereference, which could be used to cause a Denial of     Service. (CVE-2020-13950)

  - Windows: Prevent local users from stopping the httpd process (CVE-2020-13938)

  - mod_proxy_wstunnel, mod_proxy_http: Handle Upgradable protocols end-to-end negotiation. (CVE-2019-17567)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
172901	CBL Mariner 2.0 Security Update: httpd (CVE-2020-13950)	Nessus	MarinerOS Local Security Checks	high
162987	CentOS 8 : httpd:2.4 (CESA-2022:5163)	Nessus	CentOS Local Security Checks	high
162838	Rocky Linux 8 : httpd:2.4 (RLSA-2022:5163)	Nessus	Rocky Linux Local Security Checks	high
162526	Oracle Linux 8 : httpd:2.4 (ELSA-2022-5163)	Nessus	Oracle Linux Local Security Checks	high
162479	RHEL 8 : httpd:2.4 (RHSA-2022:5163)	Nessus	Red Hat Local Security Checks	high
156972	GLSA-202107-38 : Apache: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	critical
155223	RHEL 7 / 8 : Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP10 (RHSA-2021:4614)	Nessus	Red Hat Local Security Checks	critical
153184	Photon OS 3.0: Httpd PHSA-2021-3.0-0257	Nessus	PhotonOS Local Security Checks	high
151694	openSUSE 15 Security Update : apache2 (openSUSE-SU-2021:2127-1)	Nessus	SuSE Local Security Checks	critical
151522	Amazon Linux AMI : httpd24 (ALAS-2021-1514)	Nessus	Amazon Linux Local Security Checks	critical
151436	Photon OS 1.0: Httpd PHSA-2021-1.0-0409	Nessus	PhotonOS Local Security Checks	critical
151272	Amazon Linux 2 : httpd (ALAS-2021-1674)	Nessus	Amazon Linux Local Security Checks	critical
151196	Photon OS 2.0: Httpd PHSA-2021-2.0-0365	Nessus	PhotonOS Local Security Checks	critical
151095	SUSE SLED15 / SLES15 Security Update : apache2 (SUSE-SU-2021:2127-1)	Nessus	SuSE Local Security Checks	critical
151068	openSUSE 15 Security Update : apache2 (openSUSE-SU-2021:0908-1)	Nessus	SuSE Local Security Checks	critical
151010	FreeBSD : Apache httpd -- Multiple vulnerabilities (cce76eca-ca16-11eb-9b84-d4c9ef517024)	Nessus	FreeBSD Local Security Checks	critical
150983	Amazon Linux 2 : httpd (ALAS-2021-1659)	Nessus	Amazon Linux Local Security Checks	critical
150940	Ubuntu 18.04 LTS / 20.04 LTS : Apache HTTP Server vulnerabilities (USN-4994-1)	Nessus	Ubuntu Local Security Checks	critical
112806	Apache 2.4.x < 2.4.48 Multiple Vulnerabilities	Web App Scanning	Component Vulnerability	critical
150334	Slackware 14.0 / 14.1 / 14.2 / current : httpd (SSA:2021-158-01)	Nessus	Slackware Local Security Checks	critical
150280	Apache 2.4.x < 2.4.47 Multiple Vulnerabilities	Nessus	Web Servers	critical

Detections

Analytics

CVE-2020-13950

high

Tenable Plugins

high

high

high

high

high

critical

critical

high

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical