QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2020-35452

Back to search

CVE-2020-35452

Published: Jun 10, 2021

Modified: Aug 4, 2024

PUBLISHED

Description

Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow

VendorProductVersions

Apache Software Foundation

Apache HTTP Server

affected
2.4.46
affected
2.4.43
affected
2.4.41
affected
2.4.39
affected
2.4.38

+24 more versions

References

DSA-4937
vendor-advisory
x_refsource_DEBIAN
GLSA-202107-38
vendor-advisory
x_refsource_GENTOO
FEDORA-2021-dce7e7738e
vendor-advisory
x_refsource_FEDORA
FEDORA-2021-e3f6dd670d
vendor-advisory
x_refsource_FEDORA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now