Search for packages
| purl | pkg:apk/alpine/apache2@2.4.46-r0?arch=armhf&distroversion=v3.18&reponame=main |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-eesz-v6ae-gya3 | In Apache HTTP Server versions 2.4.20 to 2.4.43, a specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via "H2Push off" will mitigate this vulnerability for unpatched servers. |
CVE-2020-9490
|
| VCID-t67v-c4gx-ukbj | In Apache HTTP Server versions 2.4.32 to 2.4.43, mod_proxy_uwsgi has a information disclosure and possible RCE |
CVE-2020-11984
|
| VCID-yz3c-arnr-y3cs | In Apache HTTP Server versions 2.4.20 to 2.4.43, when trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of mod_http2 above "info" will mitigate this vulnerability for unpatched servers. |
CVE-2020-11993
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-03T17:56:03.615085+00:00 | Alpine Linux Importer | Fixing | VCID-eesz-v6ae-gya3 | https://secdb.alpinelinux.org/v3.18/main.json | 38.1.0 |
| 2026-04-01T19:07:45.927364+00:00 | Alpine Linux Importer | Fixing | VCID-t67v-c4gx-ukbj | https://secdb.alpinelinux.org/v3.18/main.json | 38.0.0 |
| 2026-04-01T19:06:51.084675+00:00 | Alpine Linux Importer | Fixing | VCID-yz3c-arnr-y3cs | https://secdb.alpinelinux.org/v3.18/main.json | 38.0.0 |