Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2022-03222
HistoryOct 08, 2021 - 12:00 a.m.

Apache HTTP Server path traversal vulnerability

2021-10-0800:00:00
China National Vulnerability Database
www.cnvd.org.cn
74

EPSS

0.975

Percentile

100.0%

Apache HTTP Server is an open source web server from the Apache Foundation. Apache HTTP Server version 2.4.49 has a path traversal vulnerability, which originates from the ap_normalize_path function introduced without strict checksum, and can be exploited by attackers to obtain sensitive information or take control of the target server.

CPENameOperatorVersion
apache http servereq2.4.49