DEBIAN-CVE-2006-20001

DEBIAN-CVE-2006-20001 PUBLISHED CVSS 7.5 HIGH

A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash. This issue affects Apache HTTP Server 2.4.54 and earlier.

Risk Scores

CVSS v3.1

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Debian:11	apache2	, , 2.4.54-5
Debian:14	apache2	0, 0, 0
Debian:13	apache2	0, 0, 0
Debian:12	apache2	0, 0, 0

Timeline

Jan 17, 2023 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2006-20001 advisory

Open in Interactive Console →