Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:ebuild/www-servers/apache@2.2.27-r4
purl pkg:ebuild/www-servers/apache@2.2.27-r4
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (3)
Vulnerability Summary Aliases
VCID-6pzx-1e5t-xbes XML parsing code in mod_dav incorrectly calculates the end of the string when removing leading spaces and places a NUL character outside the buffer, causing random crashes. This XML parsing code is only used with DAV provider modules that support DeltaV, of which the only publicly released provider is mod_dav_svn. CVE-2013-6438
VCID-ke1s-451y-p3cz A flaw was found in mod_log_config. A remote attacker could send a specific truncated cookie causing a crash. This crash would only be a denial of service if using a threaded MPM. CVE-2014-0098
VCID-tbud-pwyt-aye9 A race condition was found in mod_status. An attacker able to access a public server status page on a server using a threaded MPM could send a carefully crafted request which could lead to a heap buffer overflow. Note that it is not a default or recommended configuration to have a public accessible server status page. CVE-2014-0226

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-01T13:14:21.849036+00:00 Gentoo Importer Fixing VCID-tbud-pwyt-aye9 https://security.gentoo.org/glsa/201408-12 38.0.0
2026-04-01T13:14:21.832546+00:00 Gentoo Importer Fixing VCID-ke1s-451y-p3cz https://security.gentoo.org/glsa/201408-12 38.0.0
2026-04-01T13:14:21.814830+00:00 Gentoo Importer Fixing VCID-6pzx-1e5t-xbes https://security.gentoo.org/glsa/201408-12 38.0.0