VulnerableCode Package Details - pkg:apache/httpd@2.4.40

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:apache/httpd@2.4.40

Essentials
History (2)

purl	pkg:apache/httpd@2.4.40

Next non-vulnerable version	2.4.42
Latest non-vulnerable version	2.4.54
Risk	2.8

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-5xrt-1n1q-4bey Aliases: CVE-2020-1927	In Apache HTTP Server versions 2.4.0 to 2.4.41 some mod_rewrite configurations vulnerable to open redirect.	2.4.42 Affected by 0 other vulnerabilities.
VCID-auhk-ppv5-buaa Aliases: CVE-2020-1934	in Apache HTTP Server versions 2.4.0 to 2.4.41, mod_proxy_ftp use of uninitialized value with malicious FTP backend.	2.4.42 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T12:36:22.661938+00:00	Apache HTTPD Importer	Affected by	VCID-auhk-ppv5-buaa	https://httpd.apache.org/security/json/CVE-2020-1934.json	38.0.0
2026-04-01T12:36:22.591647+00:00	Apache HTTPD Importer	Affected by	VCID-5xrt-1n1q-4bey	https://httpd.apache.org/security/json/CVE-2020-1927.json	38.0.0