[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2018:2554-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":18,"duplicates":19,"related":20,"reserved_at":9,"published_at":23,"modified_at":24,"state":9,"summary":25,"references_raw":27,"kevs":52,"epss":9,"epss_history":53,"metrics":54,"affected":55},"SUSE-SU-2018:2554-1","Security update for apache2\n\nThis update for apache2 fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2016-8743: Fixed liberal whitespace interpretation accepted from requests\n  and sent in response lines and headers. Accepting these different behaviors\n  represented a security concern when httpd participates in any chain of\n  proxies or interacts with back-end application servers, either through\n  mod_proxy or using conventional CGI mechanisms, and may result in request\n  smuggling, response splitting and cache pollution. (bsc#1016715)\n- CVE-2016-4975: Fixed possible CRLF injection allowing HTTP response splitting\n  attacks for sites which use mod_userdir. This issue was mitigated by changes\n  which prohibit CR or LF injection into the 'Location' or other outbound\n  header key or value. (bsc#1104826)\n  ",null,[],[],[],[14,16],{"_key":15},"CVE-2016-4975",{"_key":17},"CVE-2016-8743",[],[],[21,22],{"_key":15},{"_key":17},"2018-08-30T06:44:40Z","2025-05-02T04:05:19.847069Z",{"cisa_kev":26,"cisa_ransomware":26,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[28,34,39,43,48],{"url":29,"sources":30,"tags":32},"https://www.suse.com/support/update/announcement/2018/suse-su-20182554-1/",[31],"osv_suse",[33],"Advisory",{"url":35,"sources":36,"tags":37},"https://bugzilla.suse.com/1016715",[31],[38],"REPORT",{"url":40,"sources":41,"tags":42},"https://bugzilla.suse.com/1104826",[31],[38],{"url":44,"sources":45,"tags":46},"https://www.suse.com/security/cve/CVE-2016-4975",[31],[47],"WEB",{"url":49,"sources":50,"tags":51},"https://www.suse.com/security/cve/CVE-2016-8743",[31],[47],[],[],[],[56,69],{"ecosystem":57,"name":58,"vendor":59,"product":60,"cpe_part":9,"purl_type":61,"purl_namespace":59,"purl_name":60,"source":9,"versions":62},"SUSE Linux Enterprise","apache2","suse","apache2&distro=SUSE Linux Enterprise Server 12 SP1-LTSS","rpm",[63],{"version":64,"is_range":65,"range_type":66,"version_start":9,"version_start_type":9,"version_end":67,"version_end_type":68,"fixed_in":9},"lt2_4_16_20_19_1",true,"ecosystem","2.4.16-20.19.1","excluding",{"ecosystem":57,"name":58,"vendor":59,"product":70,"cpe_part":9,"purl_type":61,"purl_namespace":59,"purl_name":70,"source":9,"versions":71},"apache2&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP1",[72],{"version":64,"is_range":65,"range_type":66,"version_start":9,"version_start_type":9,"version_end":67,"version_end_type":68,"fixed_in":9}]