CVE-2024-38476

Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable. Users are recommended to upgrade to version 2.4.60, which fixes this issue.

CVE-2024-38474

Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts indirectories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI. Users are recommended to upg...

CVE-2024-38477

null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request.Users are recommended to upgrade to version 2.4.60, which fixes this issue.

CVE-2024-21985

ONTAP 9 versions prior to 9.9.1P18, 9.10.1P16, 9.11.1P13, 9.12.1P10and 9.13.1P4 are susceptible to a vulnerability which could allow anauthenticated user with multiple remote accounts with differing roles toperform actions via REST API beyond their intended privilege. Possibleactions include viewin...

CVE-2024-21982

ONTAP versions 9.4 and higher are susceptible to a vulnerabilitywhich when successfully exploited could lead to disclosure of sensitiveinformation to unprivileged attackers when the object-store profilercommand is being run by an administrative user.