Apache HTTP Server Denial of Service via Malformed Request

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

Apache HTTP Server Denial of Service via Malformed Request

ECHO-cd1b-a137-2e06

Summary

Apache HTTP Server can crash if it receives a specially crafted request. This can happen if an attacker sends a malicious HTTP request, potentially leading to a denial of service. Apache administrators should update to the latest version to prevent this issue.

What to do

Update openssl to version 3.0.19-1~deb12u2.

Affected software

Vendor	Product	Affected versions	Fix available
–	openssl	<= 3.0.19-1~deb12u2	3.0.19-1~deb12u2

Original title

ECHO-cd1b-a137-2e06

https://advisory.echohq.com/cve/CVE-2026-31790 URL

Published: 8 Apr 2026 · Updated: 8 Apr 2026 · First seen: 8 Apr 2026