Search for packages
| purl | pkg:apache/httpd@2.3.4-alpha |
| Next non-vulnerable version | 2.4.53-rc1-candidate |
| Latest non-vulnerable version | 2.4.54 |
| Risk | 3.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-d59r-2grq-aaab
Aliases: CVE-2010-2068 |
mod_proxy_http.c in mod_proxy_http in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T12:34:42.269770+00:00 | Apache HTTPD Importer | Affected by | VCID-d59r-2grq-aaab | https://httpd.apache.org/security/json/CVE-2010-2068.json | 36.0.0 |
| 2024-11-18T22:52:37.372016+00:00 | Apache HTTPD Importer | Affected by | VCID-d59r-2grq-aaab | https://httpd.apache.org/security/json/CVE-2010-2068.json | 34.3.2 |
| 2024-01-04T01:33:29.311330+00:00 | Apache HTTPD Importer | Affected by | VCID-d59r-2grq-aaab | https://httpd.apache.org/security/json/CVE-2010-2068.json | 34.0.0rc1 |