Versions of Apache HTTP server 2.4.6, 2.4.7, and 2.4.9 are unpatched for the following vulnerability:
Binary data 700213.prm
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0117
httpd.apache.org/security/vulnerabilities_24.html