{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-34032", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "state": "PUBLISHED", "assignerShortName": "apache", "dateReserved": "2026-03-25T13:39:27.421Z", "datePublished": "2026-05-04T12:54:54.383Z", "dateUpdated": "2026-05-04T17:32:51.452Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Apache HTTP Server", "vendor": "Apache Software Foundation", "versions": [{"lessThanOrEqual": "2.4.66", "status": "affected", "version": "0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Tianshuo Han (<hantianshuo233@gmail.com>)"}, {"lang": "en", "type": "finder", "value": "J\u00e9r\u00f4me Djouder"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Improper Null Termination, Out-of-bounds Read vulnerability in Apache HTTP Server.</p><p>This issue affects Apache HTTP Server: through 2.4.66.</p><p>Users are recommended to upgrade to version 2.4.67, which fixes the issue.</p>"}], "value": "Improper Null Termination, Out-of-bounds Read vulnerability in Apache HTTP Server.\n\nThis issue affects Apache HTTP Server: through 2.4.66.\n\nUsers are recommended to upgrade to version 2.4.67, which fixes the issue."}], "metrics": [{"other": {"content": {"text": "low"}, "type": "Textual description of severity"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-170", "description": "CWE-170 Improper Null Termination", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2026-05-04T12:54:54.383Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://httpd.apache.org/security/vulnerabilities_24.html"}], "source": {"discovery": "UNKNOWN"}, "timeline": [{"lang": "en", "time": "2026-03-01T02:27:00.000Z", "value": "Report received"}, {"lang": "en", "time": "2026-05-04T12:00:00.000Z", "value": "fixed in 2.4.x by r1933343"}], "title": "Apache HTTP Server: mod_proxy_ajp: Heap Buffer Over-Read Due to Missing Null-Termination Check (ajp_msg_get_string)", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-05-04T14:05:36.659371Z", "id": "CVE-2026-34032", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-05-04T14:05:58.672Z"}}, {"title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2026/05/04/16"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2026-05-04T17:32:51.452Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2026/05/04/16"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2026-05-04T17:32:51.452Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-34032", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-05-04T14:05:36.659371Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-05-04T14:03:43.907Z"}}], "cna": {"title": "Apache HTTP Server: mod_proxy_ajp: Heap Buffer Over-Read Due to Missing Null-Termination Check (ajp_msg_get_string)", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Tianshuo Han (<hantianshuo233@gmail.com>)"}, {"lang": "en", "type": "finder", "value": "J\u00e9r\u00f4me Djouder"}], "metrics": [{"other": {"type": "Textual description of severity", "content": {"text": "low"}}}], "affected": [{"vendor": "Apache Software Foundation", "product": "Apache HTTP Server", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "2.4.66"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2026-03-01T02:27:00.000Z", "value": "Report received"}, {"lang": "en", "time": "2026-05-04T12:00:00.000Z", "value": "fixed in 2.4.x by r1933343"}], "references": [{"url": "https://httpd.apache.org/security/vulnerabilities_24.html", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Improper Null Termination, Out-of-bounds Read vulnerability in Apache HTTP Server.\n\nThis issue affects Apache HTTP Server: through 2.4.66.\n\nUsers are recommended to upgrade to version 2.4.67, which fixes the issue.", "supportingMedia": [{"type": "text/html", "value": "<p>Improper Null Termination, Out-of-bounds Read vulnerability in Apache HTTP Server.</p><p>This issue affects Apache HTTP Server: through 2.4.66.</p><p>Users are recommended to upgrade to version 2.4.67, which fixes the issue.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-170", "description": "CWE-170 Improper Null Termination"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2026-05-04T12:54:54.383Z"}}}, "cveMetadata": {"cveId": "CVE-2026-34032", "state": "PUBLISHED", "dateUpdated": "2026-05-04T17:32:51.452Z", "dateReserved": "2026-03-25T13:39:27.421Z", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "datePublished": "2026-05-04T12:54:54.383Z", "assignerShortName": "apache"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "8FF781BA-CF81-400B-A155-4DAE0BD856EE", "versionEndExcluding": "2.4.67", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Null Termination, Out-of-bounds Read vulnerability in Apache HTTP Server.\n\nThis issue affects Apache HTTP Server: through 2.4.66.\n\nUsers are recommended to upgrade to version 2.4.67, which fixes the issue."}], "id": "CVE-2026-34032", "lastModified": "2026-05-04T20:25:47.733", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-05-04T14:16:33.447", "references": [{"source": "security@apache.org", "tags": ["Vendor Advisory"], "url": "https://httpd.apache.org/security/vulnerabilities_24.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2026/05/04/16"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}, {"lang": "en", "value": "CWE-170"}], "source": "security@apache.org", "type": "Secondary"}]}

{"bugzilla": {"description": "httpd: mod_proxy_ajp: heap-based buffer over-read due to missing null-termination check", "id": "2464952", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2464952"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.2", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "status": "draft"}, "cwe": "CWE-170", "details": ["A flaw was found in the mod_proxy_ajp module of httpd. When processing AJP (Apache JServ Protocol) messages, the server fails to properly check if a string is null-terminated before attempting to read it, allowing an attacker or a malformed request to cause a heap-based buffer over-read. This issue potentially leads to memory disclosure and a denial of service."], "mitigation": {"lang": "en:us", "value": "Disabling mod_proxy_ajp and restarting httpd will mitigate this flaw."}, "name": "CVE-2026-34032", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "httpd", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Affected", "package_name": "httpd", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Affected", "package_name": "httpd", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "httpd:2.4/httpd", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "httpd", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:hummingbird:1", "fix_state": "Affected", "package_name": "httpd", "product_name": "Red Hat Hardened Images"}, {"cpe": "cpe:/a:redhat:jboss_core_services:1", "fix_state": "Affected", "package_name": "mod_proxy_ajp.so", "product_name": "Red Hat JBoss Core Services"}], "public_date": "2026-05-04T12:54:54Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-34032\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-34032\nhttps://httpd.apache.org/security/vulnerabilities_24.html"], "statement": "To exploit this issue, the Apache HTTP Server must be configured to connect to an untrusted or compromised AJP backend server, limiting its exposure. Due to this reason, this flaw has been rated with a moderate severity.\nThis flaw only affects configurations with mod_proxy_ajp loaded and being used. This module can be disabled via the configuration file if its functionality is not being used.", "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,2.4.66]"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Apache HTTP Server", "source": "cna", "vendor": "Apache Software Foundation"}, "product": "http_server", "vendor": "apache"}], "created": "2026-05-04T14:45:02.196914+00:00", "updated": "2026-05-04T16:00:04.321893+00:00", "vendors": ["apache", "apache$PRODUCT$http_server"]}