vulnerability
FreeBSD: VID-eb888ce5-1f19-11e9-be05-4c72b94353b5 (CVE-2019-0190): Apache -- vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Jan 23, 2019 | Jan 24, 2019 | Dec 10, 2025 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Jan 23, 2019
Added
Jan 24, 2019
Modified
Dec 10, 2025
Description
The Apache httpd Project reports: SECURITY: CVE-2018-17199 mod_session: mod_session_cookie does not respect expiry time allowing sessions to be reused. SECURITY: CVE-2019-0190 mod_ssl: Fix infinite loop triggered by a client-initiated renegotiation in TLSv1.2 (or earlier) with OpenSSL 1.1.1 and later. PR 63052. SECURITY: CVE-2018-17189 mod_http2: fixes a DoS attack vector. By sending slow request bodies to resources not consuming them, httpd cleanup code occupies a server thread unnecessarily. This was changed to an immediate stream reset which discards all stream state and incoming data.
Solution
freebsd-upgrade-package-apache24
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.