CVE-2017-3169

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2017-3169

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-3169.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2017-3169

Downstream

ALPINE-CVE-2017-3169

BELL-CVE-2017-3169

DEBIAN-CVE-2017-3169

DLA-1009-1

DSA-3896-1

RHSA-2017:2478

RHSA-2017:2479

RHSA-2017:2483

RHSA-2017:3193

RHSA-2017:3194

RHSA-2017:3195

RHSA-2017:3476

RHSA-2017:3477

SUSE-SU-2017:1714-1

SUSE-SU-2017:2449-1

SUSE-SU-2017:2756-1

SUSE-SU-2017:2907-1

UBUNTU-CVE-2017-3169

USN-3340-1

Related

Published

2017-06-20T01:29:00.360Z

Modified

2026-02-11T13:56:35.352999Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, modssl may dereference a NULL pointer when third-party modules call aphookprocessconnection() during an HTTP request to an HTTPS port.

References

Affected packages

Git / github.com/apache/httpd

Affected ranges

Type: GIT
Repo: https://github.com/apache/httpd
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

cd3e5a83cd5765d12b3237631c829eaff80f8425

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-3169.json"