Lucene search
K

5 matches found

RedHat Linux
RedHat Linux
added 2024/08/13 1:18 p.m.5 views

httpd: Potential SSRF in mod_rewrite

A flaw was found in the modrewrite module of httpd. A potential SSRF allows an attacker to cause unsafe rules used in the RewriteRule directive to unexpectedly set up URLs to be handled by the modproxy module...

7.5CVSS7AI score0.35447EPSS
Exploits0References5
OSV
OSV
added 2024/07/19 11:8 a.m.3 views

OESA-2024-1853 httpd security update

Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: Substitution encoding issue in modrewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or...

9.8CVSS7AI score0.03153EPSS
Exploits0References3
OSV
OSV
added 2024/07/01 7:15 p.m.3 views

ALPINE-CVE-2024-39573

Potential SSRF in modrewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to cause unsafe RewriteRules to unexpectedly setup URL's to be handled by modproxy. Users are recommended to upgrade to version 2.4.60, which fixes this issue...

7.5CVSS6.8AI score0.35447EPSS
Exploits0References1
OSV
OSV
added 2024/07/01 7:15 p.m.2 views

UBUNTU-CVE-2024-39573

Potential SSRF in modrewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to cause unsafe RewriteRules to unexpectedly setup URL's to be handled by modproxy. Users are recommended to upgrade to version 2.4.60, which fixes this issue...

7.5CVSS6.6AI score0.35447EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2024/07/01 6:15 p.m.55 views

CVE-2024-38475

Improper escaping of output in modrewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure...

9.1CVSS9.9AI score0.99957EPSS
Exploits1
Rows per page
Query Builder