MGASA-2020-0166

Advisory lineage Upstream: 2 Downstream: 0

Upstream

CVE-2020-1927 CVE-2020-1934

Published: 15 Apr 2020, 10:12

Last modified:16 Apr 2026, 04:25

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

15 Apr 2020, 10:12

Published

Vulnerability first disclosed

16 Apr 2026, 04:25

Last Modified

Vulnerability information updated

Description

Updated apache packages fix security vulnerabilities Updated apache packages fix security vulnerabilities: In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an unexpected URL within the request URL (CVE-2020-1927). In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server (CVE-2020-1934).

Affected Systems

mageia•apache
< 2.4.43-1.mga7

MGASA-2020-0166

Vulnerability Summary

Timeline

Description

Affected Systems

References (4)