{"id":"USN-8239-1","summary":"apache2 vulnerabilities","details":"Bartlomiej Dmitruk and Stanislaw Strzalkowski discovered that Apache\nHTTP Server incorrectly handled certain memory operations when using the\nHTTP/2 protocol. A remote attacker could use this issue to cause Apache\nHTTP Server to crash, resulting in a denial of service, or possibly execute\narbitrary code. This issue only affected Ubuntu 26.04 LTS.\n(CVE-2026-23918)\n\nIt was discovered that the Apache HTTP Server mod_rewrite module\nincorrectly handled certain privileges. A local attacker could possibly use\nthis issue to obtain sensitive information. (CVE-2026-24072)\n\nAndrew Lacambra, Elhanan Haenel, Tianshuo Han, and Tristan Madani\ndiscovered that the Apache HTTP Server mod_proxy_ajp module incorrectly\nhandled certain AJP server messages. An attacker in control of a backend\nAJP server could use this issue to cause Apache HTTP Server to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2026-28780)\n\nPavel Kohout discovered that Apache HTTP Server did not properly limit\nresource allocation in mod_md when processing OCSP response data. A\nremote attacker could possibly use this issue to cause a denial of\nservice. (CVE-2026-29168)\n\nPavel Kohout discovered that the Apache HTTP Server incorrectly handled\ncertain memory operations in mod_dav_lock. A remote attacker could possibly\nuse this issue to cause Apache HTTP Server to crash, resulting in a denial\nof service. (CVE-2026-29169)\n\nNitescu Lucian discovered that Apache HTTP Server had a timing attack\nvulnerability in mod_auth_digest. A remote attacker could possibly\nuse this issue to bypass Digest authentication. (CVE-2026-33006)\n\nPavel Kohout and Arkadi Vainbrand discovered that Apache HTTP Server\nincorrectly handled certain memory operations in mod_authn_socache. A\nremote attacker could possibly use this issue to cause Apache HTTP Server\nto crash, resulting in a denial of service. (CVE-2026-33007)\n\nHaruki Oyama, Merih Mengisteab, and Dawit Jeong discovered that\nApache HTTP Server had an HTTP response splitting vulnerability in\nmultiple modules when used with untrusted or compromised backend\nservers. An attacker could possibly use this issue to inject arbitrary\nHTTP headers. (CVE-2026-33523)\n\nElhanan Haenel discovered that Apache HTTP Server incorrectly handled\ncertain memory operations in mod_proxy_ajp. A remote attacker could\npossibly use this issue to cause Apache HTTP Server to crash, resulting in\na denial of service. (CVE-2026-33857)\n\nTianshuo Han and Jérôme Djouder discovered that Apache HTTP Server\nincorrectly handled certain string operations in mod_proxy_ajp. A remote\nattacker could possibly use this issue to obtain sensitive information.\n(CVE-2026-34032)\n\nElhanan Haenel discovered that Apache HTTP Server incorrectly handled\ncertain memory operations in mod_proxy_ajp. A remote attacker could use\nthis issue to cause Apache HTTP Server to crash, resulting in a denial of\nservice, or possibly obtain sensitive information. (CVE-2026-34059)","modified":"2026-05-20T16:04:04.155244264Z","published":"2026-05-06T19:55:12Z","related":["UBUNTU-CVE-2026-23918","UBUNTU-CVE-2026-24072","UBUNTU-CVE-2026-28780","UBUNTU-CVE-2026-29168","UBUNTU-CVE-2026-29169","UBUNTU-CVE-2026-33006","UBUNTU-CVE-2026-33007","UBUNTU-CVE-2026-33523","UBUNTU-CVE-2026-33857","UBUNTU-CVE-2026-34032","UBUNTU-CVE-2026-34059"],"upstream":["UBUNTU-CVE-2026-23918","UBUNTU-CVE-2026-24072","UBUNTU-CVE-2026-28780","UBUNTU-CVE-2026-29168","UBUNTU-CVE-2026-29169","UBUNTU-CVE-2026-33006","UBUNTU-CVE-2026-33007","UBUNTU-CVE-2026-33523","UBUNTU-CVE-2026-33857","UBUNTU-CVE-2026-34032","UBUNTU-CVE-2026-34059"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-8239-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-23918"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-24072"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-28780"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-29168"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-29169"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-33006"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-33007"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-33523"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-33857"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-34032"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-34059"}],"affected":[{"package":{"name":"apache2","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/apache2?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.4.52-1ubuntu4.20"}]}],"versions":["2.4.48-3.1ubuntu3","2.4.48-3.1ubuntu4","2.4.51-2ubuntu1","2.4.52-1ubuntu1","2.4.52-1ubuntu2","2.4.52-1ubuntu4","2.4.52-1ubuntu4.1","2.4.52-1ubuntu4.2","2.4.52-1ubuntu4.3","2.4.52-1ubuntu4.4","2.4.52-1ubuntu4.5","2.4.52-1ubuntu4.6","2.4.52-1ubuntu4.7","2.4.52-1ubuntu4.8","2.4.52-1ubuntu4.9","2.4.52-1ubuntu4.10","2.4.52-1ubuntu4.11","2.4.52-1ubuntu4.12","2.4.52-1ubuntu4.13","2.4.52-1ubuntu4.14","2.4.52-1ubuntu4.15","2.4.52-1ubuntu4.16","2.4.52-1ubuntu4.18","2.4.52-1ubuntu4.19"],"ecosystem_specific":{"binaries":[{"binary_name":"apache2","binary_version":"2.4.52-1ubuntu4.20"},{"binary_name":"apache2-bin","binary_version":"2.4.52-1ubuntu4.20"},{"binary_name":"apache2-data","binary_version":"2.4.52-1ubuntu4.20"},{"binary_name":"apache2-suexec-custom","binary_version":"2.4.52-1ubuntu4.20"},{"binary_name":"apache2-suexec-pristine","binary_version":"2.4.52-1ubuntu4.20"},{"binary_name":"apache2-utils","binary_version":"2.4.52-1ubuntu4.20"},{"binary_name":"libapache2-mod-md","binary_version":"2.4.52-1ubuntu4.20"},{"binary_name":"libapache2-mod-proxy-uwsgi","binary_version":"2.4.52-1ubuntu4.20"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8239-1.json","cves_map":{"cves":[{"id":"CVE-2026-24072","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2026-28780","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2026-29168","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2026-29169","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2026-33006","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2026-33007","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2026-33523","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2026-33857","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2026-34032","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2026-34059","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"type":"Ubuntu","score":"low"}]}],"ecosystem":"Ubuntu:22.04:LTS"}}},{"package":{"name":"apache2","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/apache2?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.4.58-1ubuntu8.12"}]}],"versions":["2.4.57-2ubuntu2","2.4.57-2ubuntu3","2.4.58-1ubuntu1","2.4.58-1ubuntu2","2.4.58-1ubuntu6","2.4.58-1ubuntu7","2.4.58-1ubuntu8","2.4.58-1ubuntu8.1","2.4.58-1ubuntu8.2","2.4.58-1ubuntu8.3","2.4.58-1ubuntu8.4","2.4.58-1ubuntu8.5","2.4.58-1ubuntu8.6","2.4.58-1ubuntu8.7","2.4.58-1ubuntu8.8","2.4.58-1ubuntu8.10","2.4.58-1ubuntu8.11"],"ecosystem_specific":{"binaries":[{"binary_name":"apache2","binary_version":"2.4.58-1ubuntu8.12"},{"binary_name":"apache2-bin","binary_version":"2.4.58-1ubuntu8.12"},{"binary_name":"apache2-data","binary_version":"2.4.58-1ubuntu8.12"},{"binary_name":"apache2-suexec-custom","binary_version":"2.4.58-1ubuntu8.12"},{"binary_name":"apache2-suexec-pristine","binary_version":"2.4.58-1ubuntu8.12"},{"binary_name":"apache2-utils","binary_version":"2.4.58-1ubuntu8.12"},{"binary_name":"libapache2-mod-md","binary_version":"2.4.58-1ubuntu8.12"},{"binary_name":"libapache2-mod-proxy-uwsgi","binary_version":"2.4.58-1ubuntu8.12"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"cves":[{"id":"CVE-2026-24072","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2026-28780","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2026-29168","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2026-29169","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2026-33006","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2026-33007","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2026-33523","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2026-33857","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2026-34032","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2026-34059","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"type":"Ubuntu","score":"low"}]}],"ecosystem":"Ubuntu:24.04:LTS"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8239-1.json"}},{"package":{"name":"apache2","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/apache2?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.4.64-1ubuntu3.4"}]}],"versions":["2.4.63-1ubuntu1","2.4.63-1ubuntu3","2.4.64-1ubuntu2","2.4.64-1ubuntu3","2.4.64-1ubuntu3.2","2.4.64-1ubuntu3.3"],"ecosystem_specific":{"binaries":[{"binary_name":"apache2","binary_version":"2.4.64-1ubuntu3.4"},{"binary_name":"apache2-bin","binary_version":"2.4.64-1ubuntu3.4"},{"binary_name":"apache2-data","binary_version":"2.4.64-1ubuntu3.4"},{"binary_name":"apache2-suexec-custom","binary_version":"2.4.64-1ubuntu3.4"},{"binary_name":"apache2-suexec-pristine","binary_version":"2.4.64-1ubuntu3.4"},{"binary_name":"apache2-utils","binary_version":"2.4.64-1ubuntu3.4"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8239-1.json","cves_map":{"cves":[{"id":"CVE-2026-24072","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2026-28780","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2026-29168","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2026-29169","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2026-33006","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2026-33007","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2026-33523","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2026-33857","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2026-34032","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2026-34059","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"type":"Ubuntu","score":"low"}]}],"ecosystem":"Ubuntu:25.10"}}},{"package":{"name":"apache2","ecosystem":"Ubuntu:26.04:LTS","purl":"pkg:deb/ubuntu/apache2?arch=source&distro=resolute"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.4.66-2ubuntu2.1"}]}],"versions":["2.4.64-1ubuntu3","2.4.65-3ubuntu1","2.4.66-2ubuntu1","2.4.66-2ubuntu2"],"ecosystem_specific":{"binaries":[{"binary_name":"apache2","binary_version":"2.4.66-2ubuntu2.1"},{"binary_name":"apache2-bin","binary_version":"2.4.66-2ubuntu2.1"},{"binary_name":"apache2-data","binary_version":"2.4.66-2ubuntu2.1"},{"binary_name":"apache2-suexec-custom","binary_version":"2.4.66-2ubuntu2.1"},{"binary_name":"apache2-suexec-pristine","binary_version":"2.4.66-2ubuntu2.1"},{"binary_name":"apache2-utils","binary_version":"2.4.66-2ubuntu2.1"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8239-1.json","cves_map":{"cves":[{"id":"CVE-2026-23918","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"high"}]},{"id":"CVE-2026-24072","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2026-28780","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2026-29168","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2026-29169","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2026-33006","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2026-33007","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2026-33523","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2026-33857","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2026-34032","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2026-34059","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"type":"Ubuntu","score":"low"}]}],"ecosystem":"Ubuntu:26.04:LTS"}}}],"schema_version":"1.7.5"}