Lucene search
Alpine Linux Development TeamALPINE:CVE-2020-11984HistoryAug 07, 2020 - 4:15 p.m.
CVE-2020-11984
2020-08-0716:15:11
Alpine Linux Development Team
security.alpinelinux.org
24
apache
http server
mod_proxy_uwsgi
info disclosure
rce
vulnerability
unix
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.011
Percentile
84.4%
Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | edge-main | noarch | apache2 | < 2.4.46-r0 | UNKNOWN |
| Alpine | 3.10-main | noarch | apache2 | < 2.4.46-r0 | UNKNOWN |
| Alpine | 3.11-main | noarch | apache2 | < 2.4.46-r0 | UNKNOWN |
| Alpine | 3.12-main | noarch | apache2 | < 2.4.46-r0 | UNKNOWN |
| Alpine | 3.13-main | noarch | apache2 | < 2.4.46-r0 | UNKNOWN |
| Alpine | 3.14-main | noarch | apache2 | < 2.4.46-r0 | UNKNOWN |
| Alpine | 3.15-main | noarch | apache2 | < 2.4.46-r0 | UNKNOWN |
| Alpine | 3.16-main | noarch | apache2 | < 2.4.46-r0 | UNKNOWN |
| Alpine | 3.17-main | noarch | apache2 | < 2.4.46-r0 | UNKNOWN |
| Alpine | 3.18-main | noarch | apache2 | < 2.4.46-r0 | UNKNOWN |
Related
osv
osv
BIT-apache-2020-11984
2024-03-06 10:57:57
CVE-2020-11984
2020-08-07 16:15:11
uwsgi vulnerability
2021-09-03 18:48:59
debiancve
debiancve
CVE-2020-11984
2020-08-07 16:15:11
ubuntucve
ubuntucve
CVE-2020-11984
2020-08-07 00:00:00
httpd
httpd
Apache Httpd < 2.4.44 : mod_proxy_uwsgi buffer overflow
2020-07-22 00:00:00
cbl_mariner
cbl_mariner
CVE-2020-11984 affecting package httpd 2.4.43-
2021-07-08 21:56:40
zdt
zdt
Apache2 mod_proxy_uwsgi Incorrect Request Handling Exploit
2020-08-31 00:00:00
veracode
veracode
Information Disclosure
2020-08-11 03:24:53
nessus
nessus
Ubuntu 16.04 ESM : uWSGI vulnerability (USN-5054-2)
2023-10-23 00:00:00
Debian DLA-2362-1 : uwsgi security update
2020-09-04 00:00:00
Ubuntu 18.04 LTS : uWSGI vulnerability (USN-5054-1)
2021-08-30 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-5054-1)
2021-08-31 00:00:00
Ubuntu: Security Advisory (USN-5054-2)
2023-01-27 00:00:00
cvelist
cvelist
CVE-2020-11984
2020-08-07 15:27:15
ubuntu
ubuntu
uWSGI vulnerability
2021-08-30 00:00:00
uWSGI vulnerability
2021-09-03 00:00:00
Apache HTTP Server vulnerabilities
2020-08-13 00:00:00
prion
prion
Information disclosure
2020-08-07 16:15:00
nvd
nvd
CVE-2020-11984
2020-08-07 16:15:11
cve
cve
CVE-2020-11984
2020-08-07 16:15:11
debian
debian
[SECURITY] [DLA 2362-1] uwsgi security update
2020-09-02 22:33:46
[SECURITY] [DSA 4757-1] apache2 security update
2020-08-31 15:10:58
[SECURITY] [DSA 4757-1] apache2 security update
2020-08-31 15:10:58
redhatcve
redhatcve
CVE-2020-11984
2020-08-11 20:13:29
photon
photon
Critical Photon OS Security Update - PHSA-2020-0125
2020-08-12 00:00:00
Critical Photon OS Security Update - PHSA-2020-3.0-0125
2020-08-12 00:00:00
suse
suse
Security update for apache2 (moderate)
2020-08-30 00:00:00
Security update for apache2 (moderate)
2020-08-29 00:00:00
freebsd
freebsd
Apache httpd -- Multiple vulnerabilities
2020-08-07 00:00:00
oraclelinux
oraclelinux
httpd:2.4 security, bug fix, and enhancement update
2021-05-25 00:00:00
amazon
amazon
Important: httpd
2020-09-15 17:18:00
Low: httpd24
2020-08-26 23:09:00
f5
f5
mageia
mageia
Updated apache packages fix security vulnerability
2020-08-18 20:41:27
rocky
rocky
httpd:2.4 security, bug fix, and enhancement update
2021-05-18 06:08:34
thn
thn
Google Researcher Reported 3 Flaws in Apache Web Server Software
2020-08-25 06:52:00
almalinux
almalinux
Moderate: httpd:2.4 security, bug fix, and enhancement update
2021-05-18 06:08:34
kaspersky
kaspersky
KLA12368 Multiple vulnerabilities in Apache HTTP Server
2020-08-07 00:00:00
fortinet
fortinet
Multiple Apache Vulnerabilties fixed in 2.4.46
2020-10-05 00:00:00
redhat
redhat
ibm
ibm
attackerkb
attackerkb
CVE-2020-11984 — Multiple Vulnerabilities in Apache Web Server Could Allow for Remote Code Execution
2020-08-07 00:00:00
CVE-2020-9490
2020-08-07 00:00:00
fedora
fedora
[SECURITY] Fedora 31 Update: httpd-2.4.46-1.fc31
2020-09-03 16:27:14
[SECURITY] Fedora 32 Update: httpd-2.4.46-1.fc32
2020-08-31 15:50:53
gentoo
gentoo
Apache: Multiple vulnerabilities
2020-08-08 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2159
2023-04-25 11:49:15
oracle
oracle
Oracle Critical Patch Update Advisory - January 2021
2021-01-19 00:00:00
Oracle Critical Patch Update Advisory - October 2020
2020-10-20 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.011
Percentile
84.4%
Related for ALPINE:CVE-2020-11984