[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-MGASA-2014-0527":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":18,"duplicates":19,"related":20,"reserved_at":9,"published_at":23,"modified_at":24,"state":9,"summary":25,"references_raw":27,"kevs":48,"epss":9,"epss_history":49,"metrics":50,"affected":51},"MGASA-2014-0527","Updated apache packages fix security vulnerabilities\n\nUpdated apache packages fix security vulnerabilities:\n\nA NULL pointer dereference flaw was found in the way the mod_cache httpd\nmodule handled Content-Type headers. A malicious HTTP server could cause\nthe httpd child process to crash when the Apache HTTP server was configured\nto proxy to a server with caching enabled (CVE-2014-3581).\n\nA flaw was found in the way httpd handled HTTP Trailer headers when\nprocessing requests using chunked encoding. A malicious client could use\nTrailer headers to set additional HTTP headers after header processing was\nperformed by other modules. This could, for example, lead to a bypass of\nheader restrictions defined with mod_headers (CVE-2013-5704).\n\nNote: With this update, httpd has been modified to not merge HTTP Trailer\nheaders with other HTTP request headers. A newly introduced configuration\ndirective MergeTrailers can be used to re-enable the old method of\nprocessing Trailer headers, which also re-introduces the aforementioned\nflaw.\n\nThis update also fixes the following bug:\n\nPrior to this update, the mod_proxy_wstunnel module failed to set up an\nSSL connection when configured to use a back end server using the \"wss:\"\nURL scheme, causing proxied connections to fail. In these updated packages,\nSSL is used when proxying to \"wss:\" back end servers (rhbz#1141950).\n",null,[],[],[],[14,16],{"_key":15},"CVE-2014-3581",{"_key":17},"CVE-2014-5704",[],[],[21,22],{"_key":15},{"_key":17},"2014-12-13T20:16:05Z","2026-04-16T06:23:49.664371311Z",{"cisa_kev":26,"cisa_ransomware":26,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[28,34,39,43],{"url":29,"sources":30,"tags":32},"https://advisories.mageia.org/MGASA-2014-0527.html",[31],"osv_mageia",[33],"Advisory",{"url":35,"sources":36,"tags":37},"https://bugs.mageia.org/show_bug.cgi?id=14773",[31],[38],"REPORT",{"url":40,"sources":41,"tags":42},"https://bugzilla.redhat.com/show_bug.cgi?id=1141950",[31],[38],{"url":44,"sources":45,"tags":46},"https://rhn.redhat.com/errata/RHSA-2014-1972.html",[31],[38,47],"WEB",[],[],[],[52],{"ecosystem":53,"name":54,"vendor":55,"product":54,"cpe_part":9,"purl_type":56,"purl_namespace":55,"purl_name":54,"source":9,"versions":57},"Mageia","apache","mageia","rpm",[58],{"version":59,"is_range":60,"range_type":61,"version_start":9,"version_start_type":9,"version_end":62,"version_end_type":63,"fixed_in":9},"lt2_4_7_5_4_mga4",true,"ecosystem","2.4.7-5.4.mga4","excluding"]