Lucene search

K
cvelistApacheCVELIST:CVE-2019-10098
HistorySep 25, 2019 - 4:39 p.m.

CVE-2019-10098

2019-09-2516:39:23
CWE-601
apache
www.cve.org
10

AI Score

7.8

Confidence

High

EPSS

0.142

Percentile

95.8%

In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an unexpected URL within the request URL.

CNA Affected

[
  {
    "product": "Apache HTTP Server",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "2.4.0 to 2.4.39"
      }
    ]
  }
]

References