VulnerableCode Package Details - pkg:rpm/redhat/httpd@2.2.15-31?arch=el6

Search for packages

Vulnerability	Summary	Fixed by
VCID-1zk6-7wv2-ukcz Aliases: CVE-2014-0118	A resource consumption flaw was found in mod_deflate. If request body decompression was configured (using the "DEFLATE" input filter), a remote attacker could cause the server to consume significant memory and/or CPU resources. The use of request body decompression is not a common configuration.	There are no reported fixed by versions.
VCID-kpew-rarv-83dg Aliases: CVE-2014-0231	A flaw was found in mod_cgid. If a server using mod_cgid hosted CGI scripts which did not consume standard input, a remote attacker could cause child processes to hang indefinitely, leading to denial of service.	There are no reported fixed by versions.
VCID-tbud-pwyt-aye9 Aliases: CVE-2014-0226	A race condition was found in mod_status. An attacker able to access a public server status page on a server using a threaded MPM could send a carefully crafted request which could lead to a heap buffer overflow. Note that it is not a default or recommended configuration to have a public accessible server status page.	There are no reported fixed by versions.

Vulnerability

Summary

Fixed by

VCID-1zk6-7wv2-ukcz
Aliases:
CVE-2014-0118

A resource consumption flaw was found in mod_deflate. If request body decompression was configured (using the "DEFLATE" input filter), a remote attacker could cause the server to consume significant memory and/or CPU resources. The use of request body decompression is not a common configuration.

There are no reported fixed by versions.

VCID-kpew-rarv-83dg
Aliases:
CVE-2014-0231

A flaw was found in mod_cgid. If a server using mod_cgid hosted CGI scripts which did not consume standard input, a remote attacker could cause child processes to hang indefinitely, leading to denial of service.

There are no reported fixed by versions.

VCID-tbud-pwyt-aye9
Aliases:
CVE-2014-0226

A race condition was found in mod_status. An attacker able to access a public server status page on a server using a threaded MPM could send a carefully crafted request which could lead to a heap buffer overflow. Note that it is not a default or recommended configuration to have a public accessible server status page.

There are no reported fixed by versions.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T14:47:12.107378+00:00	RedHat Importer	Affected by	VCID-tbud-pwyt-aye9	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0226.json	38.0.0
2026-04-01T14:47:04.302991+00:00	RedHat Importer	Affected by	VCID-1zk6-7wv2-ukcz	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0118.json	38.0.0
2026-04-01T14:46:56.914403+00:00	RedHat Importer	Affected by	VCID-kpew-rarv-83dg	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0231.json	38.0.0