Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/apache2@2.4.46-6?distro=trixie
purl pkg:deb/debian/apache2@2.4.46-6?distro=trixie
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (5)
Vulnerability Summary Aliases
VCID-17hy-4ppt-xyhw Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted SessionHeader sent by an origin server could cause a heap overflow CVE-2021-26691
VCID-66k7-maf9-dfcd Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow CVE-2020-35452
VCID-9ych-ybpr-j3h6 Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be made to crash (NULL pointer dereference) with specially crafted requests using both Content-Length and Transfer-Encoding headers, leading to a Denial of Service CVE-2020-13950
VCID-bvkg-nrwd-e7g8 Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service CVE-2021-26690
VCID-g6xr-qtwz-2yaq Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF' CVE-2021-30641

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T12:15:18.445326+00:00 Debian Importer Fixing VCID-bvkg-nrwd-e7g8 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:41:38.667597+00:00 Debian Importer Fixing VCID-9ych-ybpr-j3h6 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:12:54.920516+00:00 Debian Importer Fixing VCID-17hy-4ppt-xyhw https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:00:27.068858+00:00 Debian Importer Fixing VCID-g6xr-qtwz-2yaq https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:36:04.758868+00:00 Debian Importer Fixing VCID-66k7-maf9-dfcd https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-13T08:22:55.101949+00:00 Debian Importer Fixing VCID-bvkg-nrwd-e7g8 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:58:08.317136+00:00 Debian Importer Fixing VCID-9ych-ybpr-j3h6 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:37:28.783308+00:00 Debian Importer Fixing VCID-17hy-4ppt-xyhw https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:28:14.309629+00:00 Debian Importer Fixing VCID-g6xr-qtwz-2yaq https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:09:48.735380+00:00 Debian Importer Fixing VCID-66k7-maf9-dfcd https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-02T17:14:15.030136+00:00 Debian Importer Fixing VCID-bvkg-nrwd-e7g8 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:12:26.318296+00:00 Debian Importer Fixing VCID-9ych-ybpr-j3h6 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:10:47.321373+00:00 Debian Importer Fixing VCID-17hy-4ppt-xyhw https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:10:07.161979+00:00 Debian Importer Fixing VCID-g6xr-qtwz-2yaq https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:08:44.172990+00:00 Debian Importer Fixing VCID-66k7-maf9-dfcd https://security-tracker.debian.org/tracker/data/json 38.1.0