Action not permitted
Modal body text goes here.
Modal Title
Modal Body
ubuntu-cve-2026-23918
Vulnerability from osv_ubuntu
Double Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2 protocol. This issue affects Apache HTTP Server: 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue.
| URL | Type | |
|---|---|---|
{
"affected": [
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "apache2",
"binary_version": "2.4.66-2ubuntu2.1"
},
{
"binary_name": "apache2-bin",
"binary_version": "2.4.66-2ubuntu2.1"
},
{
"binary_name": "apache2-data",
"binary_version": "2.4.66-2ubuntu2.1"
},
{
"binary_name": "apache2-suexec-custom",
"binary_version": "2.4.66-2ubuntu2.1"
},
{
"binary_name": "apache2-suexec-pristine",
"binary_version": "2.4.66-2ubuntu2.1"
},
{
"binary_name": "apache2-utils",
"binary_version": "2.4.66-2ubuntu2.1"
}
],
"priority_reason": "This a potential remote code execution issue"
},
"package": {
"ecosystem": "Ubuntu:26.04:LTS",
"name": "apache2",
"purl": "pkg:deb/ubuntu/apache2@2.4.66-2ubuntu2.1?arch=source\u0026distro=resolute"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.4.66-2ubuntu2.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.4.64-1ubuntu3",
"2.4.65-3ubuntu1",
"2.4.66-2ubuntu1",
"2.4.66-2ubuntu2"
]
}
],
"aliases": [],
"details": "Double Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2 protocol. This issue affects Apache HTTP Server: 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue.",
"id": "UBUNTU-CVE-2026-23918",
"modified": "2026-06-30T16:19:37Z",
"published": "2026-05-05T00:00:00Z",
"references": [
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2026-23918"
},
{
"type": "REPORT",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23918"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-8239-1"
}
],
"related": [
"USN-8239-1"
],
"schema_version": "1.7.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "high",
"type": "Ubuntu"
}
],
"upstream": [
"CVE-2026-23918"
]
}
CVE-2026-23918 (GCVE-0-2026-23918)
Vulnerability from cvelistv5 – Published: 2026-05-04 14:44 – Updated: 2026-07-15 01:17| URL | Tags |
|---|---|
| https://httpd.apache.org/security/vulnerabilities… | vendor-advisory |
| http://www.openwall.com/lists/oss-security/2026/0… | |
| https://access.redhat.com/security/cve/CVE-2026-23918 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2465304 | issue-trackingx_refsource_REDHAT |
| https://security.access.redhat.com/data/csaf/v2/v… | x_sadp-csaf-vex |
| https://access.redhat.com/errata/RHSA-2026:13938 | vendor-advisoryx_refsource_REDHAT |
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache HTTP Server |
Affected:
2.4.66
(semver)
|
|
| Red Hat | Red Hat Hardened Images |
Unaffected:
2.4.67-0.1.hum1 , < *
(rpm)
cpe:/a:redhat:hummingbird:1 |
|
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
|
| Red Hat | Red Hat Enterprise Linux 6 |
cpe:/o:redhat:enterprise_linux:6 |
|
| Red Hat | Red Hat Enterprise Linux 7 |
cpe:/o:redhat:enterprise_linux:7 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
cpe:/o:redhat:enterprise_linux:8 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
cpe:/o:redhat:enterprise_linux:9 |
|
| Red Hat | Red Hat JBoss Core Services |
cpe:/a:redhat:jboss_core_services:1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-23918",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-04T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-05T03:56:10.684Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2026-05-04T17:32:35.852Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/04/19"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:hummingbird:1"
],
"defaultStatus": "affected",
"packageName": "httpd-main",
"product": "Red Hat Hardened Images",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "2.4.67-0.1.hum1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"packageName": "httpd",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"packageName": "mod_http2",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unaffected",
"packageName": "httpd",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unaffected",
"packageName": "httpd",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "httpd:2.4/httpd",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "httpd:2.4/mod_http2",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "httpd",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "mod_http2",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_core_services:1"
],
"defaultStatus": "unaffected",
"packageName": "mod_http2",
"product": "Red Hat JBoss Core Services",
"vendor": "Red Hat"
}
],
"datePublic": "2026-05-04T14:44:28.513Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in Apache HTTP Server. This vulnerability, related to a double free error within the HTTP/2 protocol implementation, could potentially allow a remote attacker to execute arbitrary code. Successful exploitation could lead to a complete compromise of the affected system."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1341",
"description": "Multiple Releases of Same Resource or Handle",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-15T01:17:47.323Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-23918"
},
{
"name": "RHBZ#2465304",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2465304"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-23918.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13938"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:13938: Red Hat Hardened Images"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-04T15:01:41.066Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-05-04T14:44:28.513Z",
"value": "Made public."
}
],
"title": "Apache HTTP Server: Apache HTTP Server: Remote Code Execution via Double Free in HTTP/2 Protocol",
"workarounds": [
{
"lang": "en",
"value": "To mitigate this issue, disable the `mod_http2` module in your Apache HTTP Server configuration. This can be achieved by commenting out or removing the `LoadModule http2_module modules/mod_http2.so` line in the Apache configuration file (e.g., `/etc/httpd/conf.modules.d/00-base.conf` or a similar configuration file). After modifying the configuration, restart the httpd service for the changes to take effect. This action will impact services relying on HTTP/2 functionality."
}
],
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache HTTP Server",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "2.4.66",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Bartlomiej Dmitruk, striga.ai"
},
{
"lang": "en",
"type": "finder",
"value": "Stanislaw Strzalkowski, isec.pl"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDouble Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2 protocol.\u003c/p\u003e\u003cp\u003eThis issue affects Apache HTTP Server: 2.4.66.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 2.4.67, which fixes the issue.\u003c/p\u003e"
}
],
"value": "Double Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2 protocol.\n\nThis issue affects Apache HTTP Server: 2.4.66.\n\nUsers are recommended to upgrade to version 2.4.67, which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "important"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-415",
"description": "CWE-415 Double Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-04T14:44:28.513Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"timeline": [
{
"lang": "en",
"time": "2025-12-10T14:02:00.000Z",
"value": "reported in PR 69899"
},
{
"lang": "en",
"time": "2025-12-11T14:03:00.000Z",
"value": "fixed in r1930444, r1930796"
}
],
"title": "Apache HTTP Server: http2: double free and possible RCE on early reset",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2026-23918",
"datePublished": "2026-05-04T14:44:28.513Z",
"dateReserved": "2026-01-19T13:00:21.720Z",
"dateUpdated": "2026-07-15T01:17:47.323Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
usn-8239-1
Vulnerability from osv_ubuntu
Bartlomiej Dmitruk and Stanislaw Strzalkowski discovered that Apache HTTP Server incorrectly handled certain memory operations when using the HTTP/2 protocol. A remote attacker could use this issue to cause Apache HTTP Server to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 26.04 LTS. (CVE-2026-23918)
It was discovered that the Apache HTTP Server mod_rewrite module incorrectly handled certain privileges. A local attacker could possibly use this issue to obtain sensitive information. (CVE-2026-24072)
Andrew Lacambra, Elhanan Haenel, Tianshuo Han, and Tristan Madani discovered that the Apache HTTP Server mod_proxy_ajp module incorrectly handled certain AJP server messages. An attacker in control of a backend AJP server could use this issue to cause Apache HTTP Server to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2026-28780)
Pavel Kohout discovered that Apache HTTP Server did not properly limit resource allocation in mod_md when processing OCSP response data. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2026-29168)
Pavel Kohout discovered that the Apache HTTP Server incorrectly handled certain memory operations in mod_dav_lock. A remote attacker could possibly use this issue to cause Apache HTTP Server to crash, resulting in a denial of service. (CVE-2026-29169)
Nitescu Lucian discovered that Apache HTTP Server had a timing attack vulnerability in mod_auth_digest. A remote attacker could possibly use this issue to bypass Digest authentication. (CVE-2026-33006)
Pavel Kohout and Arkadi Vainbrand discovered that Apache HTTP Server incorrectly handled certain memory operations in mod_authn_socache. A remote attacker could possibly use this issue to cause Apache HTTP Server to crash, resulting in a denial of service. (CVE-2026-33007)
Haruki Oyama, Merih Mengisteab, and Dawit Jeong discovered that Apache HTTP Server had an HTTP response splitting vulnerability in multiple modules when used with untrusted or compromised backend servers. An attacker could possibly use this issue to inject arbitrary HTTP headers. (CVE-2026-33523)
Elhanan Haenel discovered that Apache HTTP Server incorrectly handled certain memory operations in mod_proxy_ajp. A remote attacker could possibly use this issue to cause Apache HTTP Server to crash, resulting in a denial of service. (CVE-2026-33857)
Tianshuo Han and Jérôme Djouder discovered that Apache HTTP Server incorrectly handled certain string operations in mod_proxy_ajp. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2026-34032)
Elhanan Haenel discovered that Apache HTTP Server incorrectly handled certain memory operations in mod_proxy_ajp. A remote attacker could use this issue to cause Apache HTTP Server to crash, resulting in a denial of service, or possibly obtain sensitive information. (CVE-2026-34059)
{
"affected": [
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2026-24072",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-28780",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-29168",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-29169",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-33006",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-33007",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-33523",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-33857",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-34032",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-34059",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:22.04:LTS"
}
},
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "apache2",
"binary_version": "2.4.52-1ubuntu4.20"
},
{
"binary_name": "apache2-bin",
"binary_version": "2.4.52-1ubuntu4.20"
},
{
"binary_name": "apache2-data",
"binary_version": "2.4.52-1ubuntu4.20"
},
{
"binary_name": "apache2-suexec-custom",
"binary_version": "2.4.52-1ubuntu4.20"
},
{
"binary_name": "apache2-suexec-pristine",
"binary_version": "2.4.52-1ubuntu4.20"
},
{
"binary_name": "apache2-utils",
"binary_version": "2.4.52-1ubuntu4.20"
},
{
"binary_name": "libapache2-mod-md",
"binary_version": "2.4.52-1ubuntu4.20"
},
{
"binary_name": "libapache2-mod-proxy-uwsgi",
"binary_version": "2.4.52-1ubuntu4.20"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "apache2",
"purl": "pkg:deb/ubuntu/apache2@2.4.52-1ubuntu4.20?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.4.52-1ubuntu4.20"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.4.48-3.1ubuntu3",
"2.4.48-3.1ubuntu4",
"2.4.51-2ubuntu1",
"2.4.52-1ubuntu1",
"2.4.52-1ubuntu2",
"2.4.52-1ubuntu4",
"2.4.52-1ubuntu4.1",
"2.4.52-1ubuntu4.2",
"2.4.52-1ubuntu4.3",
"2.4.52-1ubuntu4.4",
"2.4.52-1ubuntu4.5",
"2.4.52-1ubuntu4.6",
"2.4.52-1ubuntu4.7",
"2.4.52-1ubuntu4.8",
"2.4.52-1ubuntu4.9",
"2.4.52-1ubuntu4.10",
"2.4.52-1ubuntu4.11",
"2.4.52-1ubuntu4.12",
"2.4.52-1ubuntu4.13",
"2.4.52-1ubuntu4.14",
"2.4.52-1ubuntu4.15",
"2.4.52-1ubuntu4.16",
"2.4.52-1ubuntu4.18",
"2.4.52-1ubuntu4.19"
]
},
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2026-24072",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-28780",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-29168",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-29169",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-33006",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-33007",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-33523",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-33857",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-34032",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-34059",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:24.04:LTS"
}
},
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "apache2",
"binary_version": "2.4.58-1ubuntu8.12"
},
{
"binary_name": "apache2-bin",
"binary_version": "2.4.58-1ubuntu8.12"
},
{
"binary_name": "apache2-data",
"binary_version": "2.4.58-1ubuntu8.12"
},
{
"binary_name": "apache2-suexec-custom",
"binary_version": "2.4.58-1ubuntu8.12"
},
{
"binary_name": "apache2-suexec-pristine",
"binary_version": "2.4.58-1ubuntu8.12"
},
{
"binary_name": "apache2-utils",
"binary_version": "2.4.58-1ubuntu8.12"
},
{
"binary_name": "libapache2-mod-md",
"binary_version": "2.4.58-1ubuntu8.12"
},
{
"binary_name": "libapache2-mod-proxy-uwsgi",
"binary_version": "2.4.58-1ubuntu8.12"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "apache2",
"purl": "pkg:deb/ubuntu/apache2@2.4.58-1ubuntu8.12?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.4.58-1ubuntu8.12"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.4.57-2ubuntu2",
"2.4.57-2ubuntu3",
"2.4.58-1ubuntu1",
"2.4.58-1ubuntu2",
"2.4.58-1ubuntu6",
"2.4.58-1ubuntu7",
"2.4.58-1ubuntu8",
"2.4.58-1ubuntu8.1",
"2.4.58-1ubuntu8.2",
"2.4.58-1ubuntu8.3",
"2.4.58-1ubuntu8.4",
"2.4.58-1ubuntu8.5",
"2.4.58-1ubuntu8.6",
"2.4.58-1ubuntu8.7",
"2.4.58-1ubuntu8.8",
"2.4.58-1ubuntu8.10",
"2.4.58-1ubuntu8.11"
]
},
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2026-24072",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-28780",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-29168",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-29169",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-33006",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-33007",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-33523",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-33857",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-34032",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-34059",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:25.10"
}
},
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "apache2",
"binary_version": "2.4.64-1ubuntu3.4"
},
{
"binary_name": "apache2-bin",
"binary_version": "2.4.64-1ubuntu3.4"
},
{
"binary_name": "apache2-data",
"binary_version": "2.4.64-1ubuntu3.4"
},
{
"binary_name": "apache2-suexec-custom",
"binary_version": "2.4.64-1ubuntu3.4"
},
{
"binary_name": "apache2-suexec-pristine",
"binary_version": "2.4.64-1ubuntu3.4"
},
{
"binary_name": "apache2-utils",
"binary_version": "2.4.64-1ubuntu3.4"
}
]
},
"package": {
"ecosystem": "Ubuntu:25.10",
"name": "apache2",
"purl": "pkg:deb/ubuntu/apache2@2.4.64-1ubuntu3.4?arch=source\u0026distro=questing"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.4.64-1ubuntu3.4"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.4.63-1ubuntu1",
"2.4.63-1ubuntu3",
"2.4.64-1ubuntu2",
"2.4.64-1ubuntu3",
"2.4.64-1ubuntu3.2",
"2.4.64-1ubuntu3.3"
]
},
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2026-23918",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "high",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-24072",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-28780",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-29168",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-29169",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-33006",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-33007",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-33523",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-33857",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-34032",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-34059",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:26.04:LTS"
}
},
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "apache2",
"binary_version": "2.4.66-2ubuntu2.1"
},
{
"binary_name": "apache2-bin",
"binary_version": "2.4.66-2ubuntu2.1"
},
{
"binary_name": "apache2-data",
"binary_version": "2.4.66-2ubuntu2.1"
},
{
"binary_name": "apache2-suexec-custom",
"binary_version": "2.4.66-2ubuntu2.1"
},
{
"binary_name": "apache2-suexec-pristine",
"binary_version": "2.4.66-2ubuntu2.1"
},
{
"binary_name": "apache2-utils",
"binary_version": "2.4.66-2ubuntu2.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:26.04:LTS",
"name": "apache2",
"purl": "pkg:deb/ubuntu/apache2@2.4.66-2ubuntu2.1?arch=source\u0026distro=resolute"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.4.66-2ubuntu2.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.4.64-1ubuntu3",
"2.4.65-3ubuntu1",
"2.4.66-2ubuntu1",
"2.4.66-2ubuntu2"
]
}
],
"aliases": [],
"details": "Bartlomiej Dmitruk and Stanislaw Strzalkowski discovered that Apache\nHTTP Server incorrectly handled certain memory operations when using the\nHTTP/2 protocol. A remote attacker could use this issue to cause Apache\nHTTP Server to crash, resulting in a denial of service, or possibly execute\narbitrary code. This issue only affected Ubuntu 26.04 LTS.\n(CVE-2026-23918)\n\nIt was discovered that the Apache HTTP Server mod_rewrite module\nincorrectly handled certain privileges. A local attacker could possibly use\nthis issue to obtain sensitive information. (CVE-2026-24072)\n\nAndrew Lacambra, Elhanan Haenel, Tianshuo Han, and Tristan Madani\ndiscovered that the Apache HTTP Server mod_proxy_ajp module incorrectly\nhandled certain AJP server messages. An attacker in control of a backend\nAJP server could use this issue to cause Apache HTTP Server to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2026-28780)\n\nPavel Kohout discovered that Apache HTTP Server did not properly limit\nresource allocation in mod_md when processing OCSP response data. A\nremote attacker could possibly use this issue to cause a denial of\nservice. (CVE-2026-29168)\n\nPavel Kohout discovered that the Apache HTTP Server incorrectly handled\ncertain memory operations in mod_dav_lock. A remote attacker could possibly\nuse this issue to cause Apache HTTP Server to crash, resulting in a denial\nof service. (CVE-2026-29169)\n\nNitescu Lucian discovered that Apache HTTP Server had a timing attack\nvulnerability in mod_auth_digest. A remote attacker could possibly\nuse this issue to bypass Digest authentication. (CVE-2026-33006)\n\nPavel Kohout and Arkadi Vainbrand discovered that Apache HTTP Server\nincorrectly handled certain memory operations in mod_authn_socache. A\nremote attacker could possibly use this issue to cause Apache HTTP Server\nto crash, resulting in a denial of service. (CVE-2026-33007)\n\nHaruki Oyama, Merih Mengisteab, and Dawit Jeong discovered that\nApache HTTP Server had an HTTP response splitting vulnerability in\nmultiple modules when used with untrusted or compromised backend\nservers. An attacker could possibly use this issue to inject arbitrary\nHTTP headers. (CVE-2026-33523)\n\nElhanan Haenel discovered that Apache HTTP Server incorrectly handled\ncertain memory operations in mod_proxy_ajp. A remote attacker could\npossibly use this issue to cause Apache HTTP Server to crash, resulting in\na denial of service. (CVE-2026-33857)\n\nTianshuo Han and J\u00e9r\u00f4me Djouder discovered that Apache HTTP Server\nincorrectly handled certain string operations in mod_proxy_ajp. A remote\nattacker could possibly use this issue to obtain sensitive information.\n(CVE-2026-34032)\n\nElhanan Haenel discovered that Apache HTTP Server incorrectly handled\ncertain memory operations in mod_proxy_ajp. A remote attacker could use\nthis issue to cause Apache HTTP Server to crash, resulting in a denial of\nservice, or possibly obtain sensitive information. (CVE-2026-34059)",
"id": "USN-8239-1",
"modified": "2026-06-30T15:55:18Z",
"published": "2026-05-06T19:55:12Z",
"references": [
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-8239-1"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2026-23918"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2026-24072"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2026-28780"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2026-29168"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2026-29169"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2026-33006"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2026-33007"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2026-33523"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2026-33857"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2026-34032"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2026-34059"
}
],
"related": [],
"schema_version": "1.7.0",
"summary": "apache2 vulnerabilities",
"upstream": [
"UBUNTU-CVE-2026-23918",
"UBUNTU-CVE-2026-24072",
"UBUNTU-CVE-2026-28780",
"UBUNTU-CVE-2026-29168",
"UBUNTU-CVE-2026-29169",
"UBUNTU-CVE-2026-33006",
"UBUNTU-CVE-2026-33007",
"UBUNTU-CVE-2026-33523",
"UBUNTU-CVE-2026-33857",
"UBUNTU-CVE-2026-34032",
"UBUNTU-CVE-2026-34059"
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.