Debian dsa-5729 : apache2 - security update

critical Nessus Plugin ID 202232

Language:

Version 1.5 Oct 9, 2024, 1:00 AM CVE (set "CVE" coverage to "CVE-2024-38474,CVE-2024-39884") CVSS metrics ("Cvssv4 score" set to 0.0) CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:U/RL:OF/RC:C") CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:U/RL:O/RC:C") CVSSv2 score source (changed from "CVE-2024-38476" to "CVE-2024-38474") CVSSv2 severity (based on None, severity decreased from "High" to "Low") Detection (updated detection logic) Exploit attributes ("Exploit available" changed from "True" to "False") Exploit attributes ("Exploitability ease" changed from "Exploits are available" to "No known exploits are available") Plugin metadata Plugin Feed: 202410090100
Version 1.4 Aug 22, 2024, 8:06 AM CVSS metrics ("CVSSv2 score" set to 10.0) CVSS metrics ("CVSSv2 vector" set to "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C") CVSS metrics ("CVSSv3 score" set to 9.8) CVSS metrics ("CVSSv3 vector" set to "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H") CVSSv2 score source (changed from "CVE-2024-36387" to "CVE-2024-38476") CVSSv2 severity (based on CVE-2024-38476, severity increased from "Medium" to "High") CVSSv3 score source (changed from "CVE-2024-38475" to none) Plugin Feed: 202408220806
Version 1.3 Aug 20, 2024, 9:39 AM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C") CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C") Exploit attributes ("Exploit available" set to "True") Exploit attributes ("Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Plugin Feed: 202408200939
Version 1.2 Jul 19, 2024, 12:17 PM IAVM reference Plugin Feed: 202407191217
Version 1.1 Jul 12, 2024, 6:03 AM New Plugin Feed: 202407120603

* Changelogs are generally available for changes made after Nov 1, 2022