Search for packages
| purl | pkg:rpm/redhat/httpd@2.2.3-43.el5_5?arch=3 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 3.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-56kt-8bg6-zbcj
Aliases: CVE-2010-1452 |
A flaw was found in the handling of requests by mod_cache (2.2) and mod_dav (2.0 and 2.2). A malicious remote attacker could send a carefully crafted request and cause a httpd child process to crash. This crash would only be a denial of service if using the worker MPM. This issue is further mitigated as mod_dav is only affected by requests that are most likely to be authenticated, and mod_cache is only affected if the uncommon "CacheIgnoreURLSessionIdentifiers" directive, introduced in version 2.2.14, is used. | There are no reported fixed by versions. |
|
VCID-cn4b-1w42-gyda
Aliases: CVE-2010-2791 |
An information disclosure flaw was found in mod_proxy_http in version 2.2.9 only, on Unix platforms. Under certain timeout conditions, the server could return a response intended for another user. Only those configurations which trigger the use of proxy worker pools are affected. There was no vulnerability on earlier versions, as proxy pools were not yet introduced. The simplest workaround is to globally configure: SetEnv proxy-nokeepalive 1 | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T14:57:08.295888+00:00 | RedHat Importer | Affected by | VCID-56kt-8bg6-zbcj | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1452.json | 38.0.0 |
| 2026-04-01T14:57:08.011235+00:00 | RedHat Importer | Affected by | VCID-cn4b-1w42-gyda | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2791.json | 38.0.0 |