{"containers": {"cna": {"affected": [{"product": "Apache HTTP Server", "vendor": "Apache Software Foundation", "versions": [{"status": "affected", "version": "2.4.46"}, {"status": "affected", "version": "2.4.43"}, {"status": "affected", "version": "2.4.41"}, {"status": "affected", "version": "2.4.39"}, {"status": "affected", "version": "2.4.38"}, {"status": "affected", "version": "2.4.37"}, {"status": "affected", "version": "2.4.35"}, {"status": "affected", "version": "2.4.34"}, {"status": "affected", "version": "2.4.33"}, {"status": "affected", "version": "2.4.29"}, {"status": "affected", "version": "2.4.28"}, {"status": "affected", "version": "2.4.27"}, {"status": "affected", "version": "2.4.26"}, {"status": "affected", "version": "2.4.25"}, {"status": "affected", "version": "2.4.23"}, {"status": "affected", "version": "2.4.20"}, {"status": "affected", "version": "2.4.18"}, {"status": "affected", "version": "2.4.17"}, {"status": "affected", "version": "2.4.16"}, {"status": "affected", "version": "2.4.12"}, {"status": "affected", "version": "2.4.10"}, {"status": "affected", "version": "2.4.9"}, {"status": "affected", "version": "2.4.7"}, {"status": "affected", "version": "2.4.6"}, {"status": "affected", "version": "2.4.4"}, {"status": "affected", "version": "2.4.3"}, {"status": "affected", "version": "2.4.2"}, {"status": "affected", "version": "2.4.1"}, {"status": "affected", "version": "2.4.0"}]}], "credits": [{"lang": "en", "value": "This issue was discovered and reported by GHSL team member @antonio-morales (Antonio Morales)"}], "descriptions": [{"lang": "en", "value": "Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow"}], "metrics": [{"other": {"content": {"other": "low"}, "type": "unknown"}}], "problemTypes": [{"descriptions": [{"description": "mod_auth_digest possible stack overflow by one nul byte", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-10-20T10:39:46", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://httpd.apache.org/security/vulnerabilities_24.html"}, {"tags": ["x_refsource_MISC"], "url": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-announce] 20210609 CVE-2020-35452: mod_auth_digest possible stack overflow by one nul byte", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rccb1b8225583a48c6360edc7a93cc97ae8b0215791e455dc607e7602%40%3Cannounce.httpd.apache.org%3E"}, {"name": "[httpd-dev] 20210610 Re: svn commit: r1890598 - in /httpd/site/trunk/content/security/json: CVE-2019-17567.json CVE-2020-13938.json CVE-2020-13950.json CVE-2020-35452.json CVE-2021-26690.json CVE-2021-26691.json CVE-2021-30641.json CVE-2021-31618.json", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E"}, {"name": "[oss-security] 20210609 CVE-2020-35452: Apache httpd: mod_auth_digest possible stack overflow by one nul byte", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2021/06/10/5"}, {"name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html"}, {"name": "DSA-4937", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2021/dsa-4937"}, {"name": "GLSA-202107-38", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/202107-38"}, {"name": "FEDORA-2021-dce7e7738e", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/"}, {"name": "FEDORA-2021-e3f6dd670d", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20210702-0001/"}], "source": {"discovery": "UNKNOWN"}, "title": "mod_auth_digest possible stack overflow by one nul byte", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@apache.org", "ID": "CVE-2020-35452", "STATE": "PUBLIC", "TITLE": "mod_auth_digest possible stack overflow by one nul byte"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Apache HTTP Server", "version": {"version_data": [{"version_affected": "=", "version_name": "2.4", "version_value": "2.4.46"}, {"version_affected": "=", "version_name": "2.4", "version_value": "2.4.43"}, {"version_affected": "=", "version_name": "2.4", "version_value": "2.4.41"}, {"version_affected": "=", "version_name": "2.4", "version_value": "2.4.39"}, {"version_affected": "=", "version_name": "2.4", "version_value": "2.4.38"}, {"version_affected": "=", "version_name": "2.4", "version_value": "2.4.37"}, {"version_affected": "=", "version_name": "2.4", "version_value": "2.4.35"}, {"version_affected": "=", "version_name": "2.4", "version_value": "2.4.34"}, {"version_affected": "=", "version_name": "2.4", "version_value": "2.4.33"}, {"version_affected": "=", "version_name": "2.4", "version_value": "2.4.29"}, {"version_affected": "=", "version_name": "2.4", "version_value": "2.4.28"}, {"version_affected": "=", "version_name": "2.4", "version_value": "2.4.27"}, {"version_affected": "=", "version_name": "2.4", "version_value": "2.4.26"}, {"version_affected": "=", "version_name": "2.4", "version_value": "2.4.25"}, {"version_affected": "=", "version_name": "2.4", "version_value": "2.4.23"}, {"version_affected": "=", "version_name": "2.4", "version_value": "2.4.20"}, {"version_affected": "=", "version_name": "2.4", "version_value": "2.4.18"}, {"version_affected": "=", "version_name": "2.4", "version_value": "2.4.17"}, {"version_affected": "=", "version_name": "2.4", "version_value": "2.4.16"}, {"version_affected": "=", "version_name": "2.4", "version_value": "2.4.12"}, {"version_affected": "=", "version_name": "2.4", "version_value": "2.4.10"}, {"version_affected": "=", "version_name": "2.4", "version_value": "2.4.9"}, {"version_affected": "=", "version_name": "2.4", "version_value": "2.4.7"}, {"version_affected": "=", "version_name": "2.4", "version_value": "2.4.6"}, {"version_affected": "=", "version_name": "2.4", "version_value": "2.4.4"}, {"version_affected": "=", "version_name": "2.4", "version_value": "2.4.3"}, {"version_affected": "=", "version_name": "2.4", "version_value": "2.4.2"}, {"version_affected": "=", "version_name": "2.4", "version_value": "2.4.1"}, {"version_affected": "=", "version_name": "2.4", "version_value": "2.4.0"}]}}]}, "vendor_name": "Apache Software Foundation"}]}}, "credit": [{"lang": "eng", "value": "This issue was discovered and reported by GHSL team member @antonio-morales (Antonio Morales)"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow"}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": [{"other": "low"}], "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "mod_auth_digest possible stack overflow by one nul byte"}]}]}, "references": {"reference_data": [{"name": "http://httpd.apache.org/security/vulnerabilities_24.html", "refsource": "MISC", "url": "http://httpd.apache.org/security/vulnerabilities_24.html"}, {"name": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E", "refsource": "MISC", "url": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-announce] 20210609 CVE-2020-35452: mod_auth_digest possible stack overflow by one nul byte", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rccb1b8225583a48c6360edc7a93cc97ae8b0215791e455dc607e7602@%3Cannounce.httpd.apache.org%3E"}, {"name": "[httpd-dev] 20210610 Re: svn commit: r1890598 - in /httpd/site/trunk/content/security/json: CVE-2019-17567.json CVE-2020-13938.json CVE-2020-13950.json CVE-2020-35452.json CVE-2021-26690.json CVE-2021-26691.json CVE-2021-30641.json CVE-2021-31618.json", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd@%3Cdev.httpd.apache.org%3E"}, {"name": "[oss-security] 20210609 CVE-2020-35452: Apache httpd: mod_auth_digest possible stack overflow by one nul byte", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2021/06/10/5"}, {"name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html"}, {"name": "DSA-4937", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2021/dsa-4937"}, {"name": "GLSA-202107-38", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202107-38"}, {"name": "FEDORA-2021-dce7e7738e", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/"}, {"name": "FEDORA-2021-e3f6dd670d", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/"}, {"name": "https://www.oracle.com/security-alerts/cpuoct2021.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"}, {"name": "https://security.netapp.com/advisory/ntap-20210702-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210702-0001/"}]}, "source": {"discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T17:02:08.055Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://httpd.apache.org/security/vulnerabilities_24.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E"}, {"name": "[httpd-announce] 20210609 CVE-2020-35452: mod_auth_digest possible stack overflow by one nul byte", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rccb1b8225583a48c6360edc7a93cc97ae8b0215791e455dc607e7602%40%3Cannounce.httpd.apache.org%3E"}, {"name": "[httpd-dev] 20210610 Re: svn commit: r1890598 - in /httpd/site/trunk/content/security/json: CVE-2019-17567.json CVE-2020-13938.json CVE-2020-13950.json CVE-2020-35452.json CVE-2021-26690.json CVE-2021-26691.json CVE-2021-30641.json CVE-2021-31618.json", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E"}, {"name": "[oss-security] 20210609 CVE-2020-35452: Apache httpd: mod_auth_digest possible stack overflow by one nul byte", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2021/06/10/5"}, {"name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html"}, {"name": "DSA-4937", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2021/dsa-4937"}, {"name": "GLSA-202107-38", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/202107-38"}, {"name": "FEDORA-2021-dce7e7738e", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/"}, {"name": "FEDORA-2021-e3f6dd670d", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20210702-0001/"}]}]}, "cveMetadata": {"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2020-35452", "datePublished": "2021-06-10T07:10:21", "dateReserved": "2020-12-14T00:00:00", "dateUpdated": "2024-08-04T17:02:08.055Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "8375A8C8-38EB-4F32-97FD-0841D57C1971", "versionEndIncluding": "2.4.46", "versionStartIncluding": "2.4.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "B095CC03-7077-4A58-AB25-CC5380CDCE5A", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*", "matchCriteriaId": "82EA4BA7-C38B-4AF3-8914-9E3D089EBDD4", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*", "matchCriteriaId": "B9C9BC66-FA5F-4774-9BDA-7AB88E2839C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*", "matchCriteriaId": "7F69B9A5-F21B-4904-9F27-95C0F7A628E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", "matchCriteriaId": "D3E503FB-6279-4D4A-91D8-E237ECF9D2B0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow"}, {"lang": "es", "value": "Apache HTTP Server versiones 2.4.0 a 2.4.46 Un Digest nonce especialmente dise\u00f1ado puede causar un desbordamiento de pila en la funci\u00f3n mod_auth_digest. No existe reportes de que este desbordamiento sea explotable, ni el equipo del Servidor HTTP Apache podr\u00eda crear uno, aunque alg\u00fan compilador y/o opci\u00f3n de compilaci\u00f3n particular podr\u00eda hacerlo posible, con consecuencias limitadas de todos modos debido al tama\u00f1o (un solo byte) y el valor (cero bytes) del desbordamiento"}], "id": "CVE-2020-35452", "lastModified": "2024-11-21T05:27:18.390", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-06-10T07:15:07.493", "references": [{"source": "security@apache.org", "tags": ["Vendor Advisory"], "url": "http://httpd.apache.org/security/vulnerabilities_24.html"}, {"source": "security@apache.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2021/06/10/5"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rccb1b8225583a48c6360edc7a93cc97ae8b0215791e455dc607e7602%40%3Cannounce.httpd.apache.org%3E"}, {"source": "security@apache.org", "tags": ["Mailing List", "Release Notes", "Vendor Advisory"], "url": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E"}, {"source": "security@apache.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html"}, {"source": "security@apache.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/"}, {"source": "security@apache.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202107-38"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20210702-0001/"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2021/dsa-4937"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://httpd.apache.org/security/vulnerabilities_24.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2021/06/10/5"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rccb1b8225583a48c6360edc7a93cc97ae8b0215791e455dc607e7602%40%3Cannounce.httpd.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Release Notes", "Vendor Advisory"], "url": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202107-38"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20210702-0001/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2021/dsa-4937"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank Antonio Morales (GHSL) and the Apache project for reporting this issue.", "affected_release": [{"advisory": "RHSA-2021:4614", "cpe": "cpe:/a:redhat:jboss_core_services:1::el8", "package": "jbcs-httpd24-apr-0:1.6.3-107.el8jbcs", "product_name": "JBoss Core Services for RHEL 8", "release_date": "2021-11-10T00:00:00Z"}, {"advisory": "RHSA-2021:4614", "cpe": "cpe:/a:redhat:jboss_core_services:1::el8", "package": "jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs", "product_name": "JBoss Core Services for RHEL 8", "release_date": "2021-11-10T00:00:00Z"}, {"advisory": "RHSA-2021:4614", "cpe": "cpe:/a:redhat:jboss_core_services:1::el8", "package": "jbcs-httpd24-curl-0:7.78.0-2.el8jbcs", "product_name": "JBoss Core Services for RHEL 8", "release_date": "2021-11-10T00:00:00Z"}, {"advisory": "RHSA-2021:4614", "cpe": "cpe:/a:redhat:jboss_core_services:1::el8", "package": "jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs", "product_name": "JBoss Core Services for RHEL 8", "release_date": "2021-11-10T00:00:00Z"}, {"advisory": "RHSA-2021:4614", "cpe": "cpe:/a:redhat:jboss_core_services:1::el8", "package": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs", "product_name": "JBoss Core Services for RHEL 8", "release_date": "2021-11-10T00:00:00Z"}, {"advisory": "RHSA-2021:4614", "cpe": "cpe:/a:redhat:jboss_core_services:1::el8", "package": "jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs", "product_name": "JBoss Core Services for RHEL 8", "release_date": "2021-11-10T00:00:00Z"}, {"advisory": "RHSA-2021:4614", "cpe": "cpe:/a:redhat:jboss_core_services:1::el8", "package": "jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs", "product_name": "JBoss Core Services for RHEL 8", "release_date": "2021-11-10T00:00:00Z"}, {"advisory": "RHSA-2021:4614", "cpe": "cpe:/a:redhat:jboss_core_services:1::el8", "package": "jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs", "product_name": "JBoss Core Services for RHEL 8", "release_date": "2021-11-10T00:00:00Z"}, {"advisory": "RHSA-2021:4614", "cpe": "cpe:/a:redhat:jboss_core_services:1::el8", "package": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs", "product_name": "JBoss Core Services for RHEL 8", "release_date": "2021-11-10T00:00:00Z"}, {"advisory": "RHSA-2021:4614", "cpe": "cpe:/a:redhat:jboss_core_services:1::el8", "package": "jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs", "product_name": "JBoss Core Services for RHEL 8", "release_date": "2021-11-10T00:00:00Z"}, {"advisory": "RHSA-2021:4614", "cpe": "cpe:/a:redhat:jboss_core_services:1::el8", "package": "jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs", "product_name": "JBoss Core Services for RHEL 8", "release_date": "2021-11-10T00:00:00Z"}, {"advisory": "RHSA-2021:4614", "cpe": "cpe:/a:redhat:jboss_core_services:1::el8", "package": "jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs", "product_name": "JBoss Core Services for RHEL 8", "release_date": "2021-11-10T00:00:00Z"}, {"advisory": "RHSA-2021:4614", "cpe": "cpe:/a:redhat:jboss_core_services:1::el8", "package": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs", "product_name": "JBoss Core Services for RHEL 8", "release_date": "2021-11-10T00:00:00Z"}, {"advisory": "RHSA-2021:4614", "cpe": "cpe:/a:redhat:jboss_core_services:1::el7", "package": "jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7", "product_name": "JBoss Core Services on RHEL 7", "release_date": "2021-11-10T00:00:00Z"}, {"advisory": "RHSA-2021:4614", "cpe": "cpe:/a:redhat:jboss_core_services:1::el7", "package": "jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7", "product_name": "JBoss Core Services on RHEL 7", "release_date": "2021-11-10T00:00:00Z"}, {"advisory": "RHSA-2021:4614", "cpe": "cpe:/a:redhat:jboss_core_services:1::el7", "package": "jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7", "product_name": "JBoss Core Services on RHEL 7", "release_date": "2021-11-10T00:00:00Z"}, {"advisory": "RHSA-2021:4614", "cpe": "cpe:/a:redhat:jboss_core_services:1::el7", "package": "jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7", "product_name": "JBoss Core Services on RHEL 7", "release_date": "2021-11-10T00:00:00Z"}, {"advisory": "RHSA-2021:4614", "cpe": "cpe:/a:redhat:jboss_core_services:1::el7", "package": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7", "product_name": "JBoss Core Services on RHEL 7", "release_date": "2021-11-10T00:00:00Z"}, {"advisory": "RHSA-2021:4614", "cpe": "cpe:/a:redhat:jboss_core_services:1::el7", "package": "jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7", "product_name": "JBoss Core Services on RHEL 7", "release_date": "2021-11-10T00:00:00Z"}, {"advisory": "RHSA-2021:4614", "cpe": "cpe:/a:redhat:jboss_core_services:1::el7", "package": "jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7", "product_name": "JBoss Core Services on RHEL 7", "release_date": "2021-11-10T00:00:00Z"}, {"advisory": "RHSA-2021:4614", "cpe": "cpe:/a:redhat:jboss_core_services:1::el7", "package": "jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7", "product_name": "JBoss Core Services on RHEL 7", "release_date": "2021-11-10T00:00:00Z"}, {"advisory": "RHSA-2021:4614", "cpe": "cpe:/a:redhat:jboss_core_services:1::el7", "package": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7", "product_name": "JBoss Core Services on RHEL 7", "release_date": "2021-11-10T00:00:00Z"}, {"advisory": "RHSA-2021:4614", "cpe": "cpe:/a:redhat:jboss_core_services:1::el7", "package": "jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7", "product_name": "JBoss Core Services on RHEL 7", "release_date": "2021-11-10T00:00:00Z"}, {"advisory": "RHSA-2021:4614", "cpe": "cpe:/a:redhat:jboss_core_services:1::el7", "package": "jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7", "product_name": "JBoss Core Services on RHEL 7", "release_date": "2021-11-10T00:00:00Z"}, {"advisory": "RHSA-2021:4614", "cpe": "cpe:/a:redhat:jboss_core_services:1::el7", "package": "jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7", "product_name": "JBoss Core Services on RHEL 7", "release_date": "2021-11-10T00:00:00Z"}, {"advisory": "RHSA-2021:4614", "cpe": "cpe:/a:redhat:jboss_core_services:1::el7", "package": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7", "product_name": "JBoss Core Services on RHEL 7", "release_date": "2021-11-10T00:00:00Z"}, {"advisory": "RHSA-2022:1915", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "httpd:2.4-8060020220321163517.d63f516d", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2022-05-10T00:00:00Z"}, {"advisory": "RHSA-2021:4613", "cpe": "cpe:/a:redhat:jboss_core_services:1", "package": "httpd", "product_name": "Text-Only JBCS", "release_date": "2021-11-10T00:00:00Z"}], "bugzilla": {"description": "httpd: Single zero byte stack overflow in mod_auth_digest", "id": "1966724", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966724"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "status": "verified"}, "cwe": "CWE-119", "details": ["Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow", "A flaw was found in Apache httpd. The mod_auth_digest has a single zero byte stack overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."], "mitigation": {"lang": "en:us", "value": "Only configurations which use mod_auth_digest are affected by this flaw. Also as per upstream this flaw is not exploitable in most conditions, so there should really be no impact of this flaw."}, "name": "CVE-2020-35452", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "httpd", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "httpd", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "httpd", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6", "fix_state": "Out of support scope", "package_name": "httpd22", "product_name": "Red Hat JBoss Enterprise Application Platform 6"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2", "fix_state": "Out of support scope", "package_name": "httpd22", "product_name": "Red Hat JBoss Enterprise Web Server 2"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:3", "fix_state": "Fix deferred", "package_name": "httpd24-httpd", "product_name": "Red Hat Software Collections"}], "public_date": "2021-06-04T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-35452\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-35452\nhttps://httpd.apache.org/security/vulnerabilities_24.html"], "statement": "This is a one byte overflow and as per upstream it should be non-exploitable in most condtions.", "threat_severity": "Low", "upstream_fix": "httpd 2.4.47"}