Apache : Security Vulnerabilities, CVEs, Published In November 2012 (Denial of service)
Apache Tomcat through 7.0.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris.
Max CVSS
5.0
EPSS Score
1.11%
Published
2012-11-30
Updated
2021-01-11
The mod_proxy_ajp module in the Apache HTTP Server 2.2.12 through 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows remote attackers to cause a denial of service (worker consumption) via an expensive request.
Max CVSS
5.0
EPSS Score
7.73%
Published
2012-11-30
Updated
2021-06-06
java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP NIO connector in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28 does not properly restrict the request-header size, which allows remote attackers to cause a denial of service (memory consumption) via a large amount of header data.
Max CVSS
5.0
EPSS Score
5.20%
Published
2012-11-16
Updated
2017-09-19
3 vulnerabilities found