2 matches found
CVE-2021-44224
CVE-2021-44224 concerns Apache HTTP Server (httpd) with the mod_proxy forward proxy configuration. A crafted URI to a forward proxy (ProxyRequests on) can trigger a NULL pointer dereference, causing a crash. In configurations that mix forward and reverse proxy declarations, it can enable requests...
CVE-2009-1955
CVE-2009-1955 affects the Expact XML parser used by the apr_xml_* interface in xml/apr_xml.c of APR-util, with the vulnerability present in APR-util prior to 1.3.7. In Apache HTTP Server deployments that enable mod_dav and mod_dav_svn, a crafted XML document containing a large number of nested en...