CVE-2016-1546 — Vulnetix

Try Vulnetix Request Demo

CVE-2016-1546 PUBLISHED

Reported by certcc · Published July 6, 2016

The Apache HTTP Server 2.4.17 and 2.4.18, when mod_http2 is enabled, does not limit the number of simultaneous stream workers for a single HTTP/2 connection, which allows remote attackers to cause a denial of service (stream-processing outage) via modified flow-control windows.

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
n/a	n/a	n/a

Timeline

Jul 6, 2016 CVE Published
Feb 4, 2022 EPSS Score
Jul 19, 2023 EPSS Score
Oct 7, 2023 EPSS Score
Aug 5, 2024 CVE Updated
Jan 29, 2025 EPSS Score
Mar 17, 2025 EPSS Score
May 1, 2025 EPSS Score
May 15, 2025 EPSS Score
May 30, 2025 EPSS Score
Jun 1, 2025 EPSS Score
Jul 1, 2025 EPSS Score

References

92331 vdb-entryx_refsource_BID
x_refsource_CONFIRM
GLSA-201610-02 vendor-advisoryx_refsource_GENTOO
RHSA-2017:1161 vendor-advisoryx_refsource_REDHAT
x_refsource_CONFIRM
x_refsource_CONFIRM
x_refsource_CONFIRM
x_refsource_CONFIRM
x_refsource_CONFIRM
[httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html mailing-listx_refsource_MLIST
[httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html mailing-listx_refsource_MLIST
[httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html mailing-listx_refsource_MLIST
[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html mailing-listx_refsource_MLIST
[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ mailing-listx_refsource_MLIST
[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html mailing-listx_refsource_MLIST
[httpd-cvs] 20210330 svn commit: r1888194 [10/13] - /httpd/site/trunk/content/security/json/ mailing-listx_refsource_MLIST
[httpd-cvs] 20210330 svn commit: r1073139 [10/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ mailing-listx_refsource_MLIST
[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ mailing-listx_refsource_MLIST
[httpd-cvs] 20210330 svn commit: r1073146 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html mailing-listx_refsource_MLIST
[httpd-cvs] 20210330 svn commit: r1073149 [10/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ mailing-listx_refsource_MLIST

…and 1 more

Open in Interactive Console →