CVE-2014-0117
published 2014-07-20CVE-2014-0117: The mod_proxy module in the Apache HTTP Server 2.4.x before 2.4.10, when a reverse proxy is enabled, allows remote attackers to cause a denial of service…
medium4.3CVSS 3.1
AVNACMAuNCNINAP
The mod_proxy module in the Apache HTTP Server 2.4.x before 2.4.10, when a reverse proxy is enabled, allows remote attackers to cause a denial of service (child-process crash) via a crafted HTTP Connection header.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | http_server | — | — |
| apache | http_server | — | — |
| apache | http_server | — | — |
| apache | http_server | — | — |
| apple | mac_os_x | <= 10.10.2 | — |
| apple | os_x_yosemite_v10.10.3_and_security_update_2015-004 | — | — |
| debian | apache2 | < apache2 2.4.10-1 (bookworm) | apache2 2.4.10-1 (bookworm) |
CVSS provenance
nvd4.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
osv4.3MEDIUM