A crafted request uri-path can cause mod_proxy to forward the request to an origin server chosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier
Reporter | Title | Published | Views | Family All 199 |
---|---|---|---|---|
![]() | Oracle Linux 7 : httpd (ELSA-2021-3856) | 15 Oct 202100:00 | – | nessus |
![]() | RHEL 7 : httpd24-httpd (RHSA-2021:3754) | 12 Oct 202100:00 | – | nessus |
![]() | Apache < 2.4.49 Multiple Vulnerabilities | 23 Sep 202100:00 | – | nessus |
![]() | RHEL 8 : httpd:2.4 (RHSA-2021:3837) | 13 Oct 202100:00 | – | nessus |
![]() | Oracle HTTP Server (Jan 2022 CPU) | 21 Jan 202200:00 | – | nessus |
![]() | CentOS 7 : httpd (RHSA-2021:3856) | 17 Nov 202100:00 | – | nessus |
![]() | NewStart CGSL CORE 5.04 / MAIN 5.04 : httpd Vulnerability (NS-SA-2022-0016) | 9 May 202200:00 | – | nessus |
![]() | RHEL 8 : httpd:2.4 (RHSA-2021:3836) | 13 Oct 202100:00 | – | nessus |
![]() | RHEL 7 : httpd (RHSA-2021:3856) | 15 Oct 202100:00 | – | nessus |
![]() | RHEL 7 / 8 : Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP9 (RHSA-2021:3746) | 7 Oct 202100:00 | – | nessus |
[
{
"product": "Apache HTTP Server",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "2.4.48",
"status": "affected",
"version": "Apache HTTP Server 2.4",
"versionType": "custom"
}
]
}
]
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo