Apache HTTP Server Vulnerabilities Related to Version 2.4.38

Submitted on 23. January 2019 - 8:47 by rischi.
Last update on 23. January 2019 - 15:59.

IDs:

CVE-2019-0190,

Keywords:

httpd

Description:

The Apache HTTP Server version 2.4.38 fixes tree vulnerabilities [1].

No action required for Airlock WAF

Details

CVE-2018-17189 - DoS with mod_http2. The criticality of this vulnerability for Airlock WAF is negligible.
CVE-2019-0190 - DoS in combination with OpenSSL 1.1.1. This OpenSSL version is not yet used by Airlock WAF.
CVE-2018-17199 - Affects mod_session_cookie. This module is not used by Airlock WAF.

Resolution:

No action is required.

Component:

Airlock

Airlock Vulnerability Status:

Does not affect Airlock

Back-end Vulnerability Status:

No action required

Reference:

[1] Apache httpd 2.4 vulnerabilities

Main menu

Navigation

User menu

You are here

Apache HTTP Server Vulnerabilities Related to Version 2.4.38

Main menu

Search form

Navigation

User menu

You are here

Apache HTTP Server Vulnerabilities Related to Version 2.4.38