Lucene search

Alpine Linux Development TeamALPINE:CVE-2024-38477

HistoryJul 01, 2024 - 7:15 p.m.

CVE-2024-38477

2024-07-0119:15:05

Alpine Linux Development Team

security.alpinelinux.org

cve-2024-38477

mod_proxy

crash

upgrade

version 2.4.60

unix

6.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.2%

JSON

null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request.
Users are recommended to upgrade to version 2.4.60, which fixes this issue.

OSVersionArchitecturePackageVersionFilename
Alpineedge-mainnoarchapache2< 2.4.60-r0UNKNOWN
Alpine3.17-mainnoarchapache2< 2.4.60-r0UNKNOWN
Alpine3.18-mainnoarchapache2< 2.4.60-r0UNKNOWN
Alpine3.19-mainnoarchapache2< 2.4.60-r0UNKNOWN
Alpine3.20-mainnoarchapache2< 2.4.60-r0UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Alpine	edge-main	noarch	apache2	< 2.4.60-r0	UNKNOWN
Alpine	3.17-main	noarch	apache2	< 2.4.60-r0	UNKNOWN
Alpine	3.18-main	noarch	apache2	< 2.4.60-r0	UNKNOWN
Alpine	3.19-main	noarch	apache2	< 2.4.60-r0	UNKNOWN
Alpine	3.20-main	noarch	apache2	< 2.4.60-r0	UNKNOWN