CVE-2014-0118

EPSS 41.3%

apache2 - security update

Published: 7/20/2014Modified: 4/28/2026

Description

The deflate_in_filter function in mod_deflate.c in the mod_deflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service (resource consumption) via crafted request data that decompresses to a much larger size.

Affected packages (2)

Debian/apache2from 0, < 2.4.10-1
Debian/apache2from 0, < 2.2.22-13+deb7u3

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-0118