6.8 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.2%
null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request. Users are recommended to upgrade to version 2.4.60, which fixes this issue.
bugzilla.redhat.com/show_bug.cgi?id=2295016
httpd.apache.org/security/vulnerabilities_24.html
nvd.nist.gov/vuln/detail/CVE-2024-38477
www.cve.org/CVERecord?id=CVE-2024-38477