Search for packages
| purl | pkg:rpm/redhat/httpd@2.4.6-90?arch=el7 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-uwqg-yytc-vfae
Aliases: CVE-2019-0220 |
When the path component of a request URL contains multiple consecutive slashes ('/'), directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing will implicitly collapse them. | There are no reported fixed by versions. |
|
VCID-w6p6-u8ku-k3f6
Aliases: CVE-2019-0217 |
In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T14:20:38.588822+00:00 | RedHat Importer | Affected by | VCID-uwqg-yytc-vfae | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0220.json | 38.0.0 |
| 2026-04-01T14:20:37.143914+00:00 | RedHat Importer | Affected by | VCID-w6p6-u8ku-k3f6 | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0217.json | 38.0.0 |