CVE-2021-26690 mod_session NULL pointer dereference

2021-06-1007:10:22

apache

www.cve.org

8.7 High

AI Score

Confidence

High

0.052 Low

EPSS

Percentile

93.1%

JSON

Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service

CNA Affected

[
  {
    "product": "Apache HTTP Server",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "status": "affected",
        "version": "2.4.46"
      },
      {
        "status": "affected",
        "version": "2.4.43"
      },
      {
        "status": "affected",
        "version": "2.4.41"
      },
      {
        "status": "affected",
        "version": "2.4.39"
      },
      {
        "status": "affected",
        "version": "2.4.38"
      },
      {
        "status": "affected",
        "version": "2.4.37"
      },
      {
        "status": "affected",
        "version": "2.4.35"
      },
      {
        "status": "affected",
        "version": "2.4.34"
      },
      {
        "status": "affected",
        "version": "2.4.33"
      },
      {
        "status": "affected",
        "version": "2.4.29"
      },
      {
        "status": "affected",
        "version": "2.4.28"
      },
      {
        "status": "affected",
        "version": "2.4.27"
      },
      {
        "status": "affected",
        "version": "2.4.26"
      },
      {
        "status": "affected",
        "version": "2.4.25"
      },
      {
        "status": "affected",
        "version": "2.4.23"
      },
      {
        "status": "affected",
        "version": "2.4.20"
      },
      {
        "status": "affected",
        "version": "2.4.18"
      },
      {
        "status": "affected",
        "version": "2.4.17"
      },
      {
        "status": "affected",
        "version": "2.4.16"
      },
      {
        "status": "affected",
        "version": "2.4.12"
      },
      {
        "status": "affected",
        "version": "2.4.10"
      },
      {
        "status": "affected",
        "version": "2.4.9"
      },
      {
        "status": "affected",
        "version": "2.4.7"
      },
      {
        "status": "affected",
        "version": "2.4.6"
      },
      {
        "status": "affected",
        "version": "2.4.4"
      },
      {
        "status": "affected",
        "version": "2.4.3"
      },
      {
        "status": "affected",
        "version": "2.4.2"
      },
      {
        "status": "affected",
        "version": "2.4.1"
      },
      {
        "status": "affected",
        "version": "2.4.0"
      }
    ]
  }
]