Lucene search
ApacheVULNRICHMENT:CVE-2024-38477HistoryJul 01, 2024 - 6:16 p.m.
CVE-2024-38477 Apache HTTP Server: Crash resulting in Denial of Service in mod_proxy via a malicious request
2024-07-0118:16:11
CWE-476
apache
github.com
4
apache http server
mod_proxy
denial of service
fix
cve-2024-38477
upgrade
AI Score
6.5
Confidence
Low
EPSS
0.001
Percentile
48.0%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request.
Users are recommended to upgrade to version 2.4.60, which fixes this issue.
CNA Affected
[
{
"vendor": "Apache Software Foundation",
"product": "Apache HTTP Server",
"versions": [
{
"status": "affected",
"version": "2.4.0",
"versionType": "semver",
"lessThanOrEqual": "2.4.59"
}
],
"defaultStatus": "unaffected"
}
]Related
f5
f5
K000140784: Apache HTTPD vulnerability CVE-2024-38477
2024-08-23 00:00:00
veracode
veracode
NULL Pointer Dereference
2024-07-09 06:07:13
nessus
nessus
F5 Networks BIG-IP : Apache HTTPD vulnerability (K000140784)
2024-08-23 00:00:00
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : apache2 (SUSE-SU-2024:2405-1)
2024-07-12 00:00:00
RHEL 8 : httpd:2.4 (RHSA-2024:4827)
2024-07-24 00:00:00
cvelist
cvelist
osv
osv
BIT-apache-2024-38477
2024-07-03 07:16:30
CVE-2024-38477
2024-07-01 19:15:05
apache2 vulnerabilities
2024-09-18 09:36:05
debiancve
debiancve
CVE-2024-38477
2024-07-01 19:15:05
nvd
nvd
CVE-2024-38477
2024-07-01 19:15:05
ubuntucve
ubuntucve
CVE-2024-38477
2024-07-01 00:00:00
alpinelinux
alpinelinux
CVE-2024-38477
2024-07-01 19:15:05
redhatcve
redhatcve
CVE-2024-38477
2024-07-01 21:49:48
hackerone
hackerone
cve
cve
CVE-2024-38477
2024-07-01 19:15:05
oraclelinux
oraclelinux
httpd security update
2024-09-13 00:00:00
httpd security update
2024-07-23 00:00:00
httpd:2.4 security update
2024-07-23 00:00:00
redhat
redhat
(RHSA-2024:4719) Important: httpd:2.4 security update
2024-07-23 08:05:55
(RHSA-2024:4820) Important: httpd:2.4 security update
2024-07-24 12:32:35
(RHSA-2024:4830) Important: httpd:2.4 security update
2024-07-24 12:41:40
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:2436-1)
2024-08-20 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:2624-1)
2024-07-31 00:00:00
Ubuntu: Security Advisory (USN-6885-3)
2024-09-19 00:00:00
amazon
amazon
Important: httpd24
2024-07-17 22:27:00
Important: httpd
2024-07-18 02:00:00
rocky
rocky
httpd security update
2024-07-26 12:33:59
almalinux
almalinux
Important: httpd security update
2024-07-23 00:00:00
Important: httpd:2.4 security update
2024-07-23 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: httpd-2.4.61-1.fc39
2024-07-19 02:21:50
[SECURITY] Fedora 40 Update: httpd-2.4.61-1.fc40
2024-07-09 01:55:52
freebsd
freebsd
Apache httpd -- Multiple vulnerabilities
2024-07-01 00:00:00
ibm
ibm
kaspersky
kaspersky
KLA70199 Multiple vulnerabilities in Apache HTTP Server
2024-07-01 00:00:00
ubuntu
ubuntu
Apache HTTP Server regression
2024-07-11 00:00:00
Apache HTTP Server vulnerabilities
2024-07-08 00:00:00
slackware
slackware
[slackware-security] httpd
2024-07-02 19:38:48
mageia
mageia
Updated apache packages fix security vulnerabilities
2024-07-09 10:01:06
AI Score
6.5
Confidence
Low
EPSS
0.001
Percentile
48.0%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2024-38477