For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat7s390xhttpd24-mod_proxy_html< 2.4.34-22.el7.1httpd24-mod_proxy_html-2.4.34-22.el7.1.s390x.rpm
RedHat7ppc64lehttpd24-mod_proxy_html< 2.4.34-22.el7.1httpd24-mod_proxy_html-2.4.34-22.el7.1.ppc64le.rpm
RedHat7x86_64httpd24-mod_ssl< 2.4.34-22.el7.1httpd24-mod_ssl-2.4.34-22.el7.1.x86_64.rpm
RedHat7ppc64lehttpd24-httpd< 2.4.34-22.el7.1httpd24-httpd-2.4.34-22.el7.1.ppc64le.rpm
RedHat7ppc64lehttpd24-mod_ldap< 2.4.34-22.el7.1httpd24-mod_ldap-2.4.34-22.el7.1.ppc64le.rpm
RedHat7x86_64httpd24-mod_session< 2.4.34-22.el7.1httpd24-mod_session-2.4.34-22.el7.1.x86_64.rpm
RedHat7s390xhttpd24-httpd-tools< 2.4.34-22.el7.1httpd24-httpd-tools-2.4.34-22.el7.1.s390x.rpm
RedHat7ppc64lehttpd24-httpd-debuginfo< 2.4.34-22.el7.1httpd24-httpd-debuginfo-2.4.34-22.el7.1.ppc64le.rpm
RedHat7ppc64lehttpd24-mod_session< 2.4.34-22.el7.1httpd24-mod_session-2.4.34-22.el7.1.ppc64le.rpm
RedHat7noarchhttpd24-httpd-manual< 2.4.34-22.el7.1httpd24-httpd-manual-2.4.34-22.el7.1.noarch.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	7	s390x	httpd24-mod_proxy_html	< 2.4.34-22.el7.1	httpd24-mod_proxy_html-2.4.34-22.el7.1.s390x.rpm
RedHat	7	ppc64le	httpd24-mod_proxy_html	< 2.4.34-22.el7.1	httpd24-mod_proxy_html-2.4.34-22.el7.1.ppc64le.rpm
RedHat	7	x86_64	httpd24-mod_ssl	< 2.4.34-22.el7.1	httpd24-mod_ssl-2.4.34-22.el7.1.x86_64.rpm
RedHat	7	ppc64le	httpd24-httpd	< 2.4.34-22.el7.1	httpd24-httpd-2.4.34-22.el7.1.ppc64le.rpm
RedHat	7	ppc64le	httpd24-mod_ldap	< 2.4.34-22.el7.1	httpd24-mod_ldap-2.4.34-22.el7.1.ppc64le.rpm
RedHat	7	x86_64	httpd24-mod_session	< 2.4.34-22.el7.1	httpd24-mod_session-2.4.34-22.el7.1.x86_64.rpm
RedHat	7	s390x	httpd24-httpd-tools	< 2.4.34-22.el7.1	httpd24-httpd-tools-2.4.34-22.el7.1.s390x.rpm
RedHat	7	ppc64le	httpd24-httpd-debuginfo	< 2.4.34-22.el7.1	httpd24-httpd-debuginfo-2.4.34-22.el7.1.ppc64le.rpm
RedHat	7	ppc64le	httpd24-mod_session	< 2.4.34-22.el7.1	httpd24-mod_session-2.4.34-22.el7.1.ppc64le.rpm
RedHat	7	noarch	httpd24-httpd-manual	< 2.4.34-22.el7.1	httpd24-httpd-manual-2.4.34-22.el7.1.noarch.rpm

Rows per page:

1-10 of 251

cisa_kev 1

redhat 8

nessus 57

ibm 12

osv 13

centos 1

oraclelinux 2

openvas 34

githubexploit 8

f5 1

cnvd 1

veracode 1

cbl_mariner 2

ubuntucve 2

nvd 2

nuclei 1

almalinux 3

cve 2

hackerone 1

httpd 1

checkpoint_advisories 1

rocky 3

prion 2

redhatcve 2

alpinelinux 1

cvelist 2

debiancve 2

rapid7blog 1

attackerkb 1

ubuntu 4

debian 2

ics 1

photon 5

suse 2

cisco 1

mageia 1

freebsd 1

trellix 2

cisa 1

altlinux 2

kaspersky 1

slackware 1

rosalinux 2

amazon 2

fedora 2

gentoo 1

cisa_kev

Apache HTTP Server-Side Request Forgery (SSRF)

2021-12-01 00:00:00

redhat

(RHSA-2021:3746) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP9 security update

2021-10-07 13:31:45

(RHSA-2021:3836) Important: httpd:2.4 security update

2021-10-13 07:08:32

(RHSA-2021:3745) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP9 security update

2021-10-07 13:31:42

nessus

RHEL 7 : httpd24-httpd (RHSA-2021:3754)

2021-10-12 00:00:00

Oracle Linux 7 : httpd (ELSA-2021-3856)

2021-10-15 00:00:00

Apache < 2.4.49 Multiple Vulnerabilities

2021-09-23 00:00:00

ibm

Security Bulletin: Apache HTTP Server as used in IBM QRadar SIEM is vulnerable to server-side request forgery (SSRF) (CVE-2021-40438)

2021-12-20 21:02:58

Security Bulletin: IBM Rational Build Forge 8.0.x is affected by Apache HTTP Server version used in it.(CVE-2021-40438)

2022-01-17 18:05:57

Security Bulletin: IBM Aspera Orchestrator vulnerable to server-side request forgery due to Apache HTTP Server vulnerability (CVE-2021-40438)

2023-02-02 17:18:50

osv

BIT-apache-2021-40438

2024-03-06 10:55:02

httpd:2.4 bug fix update

2021-11-10 09:00:43

CVE-2021-40438

2021-09-16 15:15:07

centos

httpd, mod_ldap, mod_proxy_html, mod_session, mod_ssl security update

2021-11-17 14:59:00

oraclelinux

httpd security update

2021-10-14 00:00:00

httpd:2.4 security update

2021-10-13 00:00:00

openvas

CentOS: Security Advisory for httpd (CESA-2021:3856)

2021-11-18 00:00:00

Debian: Security Advisory (DLA-2776-1)

2021-10-03 00:00:00

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-1167)

2022-02-24 00:00:00

githubexploit

Exploit for Server-Side Request Forgery in Apache Http Server

2023-12-12 11:56:23

Exploit for Server-Side Request Forgery in Apache Http Server

2022-04-03 15:24:24

Exploit for Server-Side Request Forgery in Apache Http Server

2022-06-10 00:46:58

K01552024 : Apache vulnerability CVE-2021-40438

2021-10-21 00:00:00

cnvd

Apache HTTP Server mod_proxy server-side request forgery vulnerability

2021-09-18 00:00:00

veracode

Cross-Site Request Forgery (CSRF)

2021-09-20 12:57:14

cbl_mariner

CVE-2021-40438 affecting package httpd 2.4.46-6

2021-10-15 04:46:31

CVE-2021-40438 affecting package httpd for versions less than 2.4.52-1

2022-04-09 06:51:57

ubuntucve

CVE-2021-40438

2021-09-16 00:00:00

CVE-2021-20325

2022-02-18 00:00:00

nvd

CVE-2021-40438

2021-09-16 15:15:07

CVE-2021-20325

2022-02-18 18:15:09

nuclei

Apache <= 2.4.48 Mod_Proxy - Server-Side Request Forgery

2021-10-14 19:59:52

almalinux

httpd:2.4 bug fix update

2021-11-10 09:00:43

Important: httpd:2.4 security update

2021-10-12 15:53:03

Important: httpd:2.4 security update

2021-11-09 19:25:44

cve

CVE-2021-40438

2021-09-16 15:15:07

CVE-2021-20325

2022-02-18 18:15:09

hackerone

Acronis: CVE-2021-40438 on cp-eu2.acronis.com

2021-10-15 05:46:15

httpd

Apache Httpd < 2.4.49 : mod_proxy SSRF

2021-09-16 00:00:00

checkpoint_advisories

Apache HTTP Server Server-Side Request Forgery (CVE-2021-40438)

2021-10-18 00:00:00

rocky

2.4 bug fix update

2021-11-10 09:00:43

httpd:2.4 security update

2021-10-12 15:53:03

httpd:2.4 security update

2021-11-09 19:25:44

prion

Design/Logic Flaw

2021-09-16 15:15:00

Design/Logic Flaw

2022-02-18 18:15:00

redhatcve

CVE-2021-40438

2021-09-16 20:45:58

CVE-2021-20325

2021-11-09 09:06:32

alpinelinux

CVE-2021-40438

2021-09-16 15:15:07

cvelist

CVE-2021-40438 mod_proxy SSRF

2021-09-16 14:40:23

CVE-2021-20325

2022-02-18 17:50:47

debiancve

CVE-2021-40438

2021-09-16 15:15:07

CVE-2021-20325

2022-02-18 18:15:09

rapid7blog

Active Exploitation of Apache HTTP Server CVE-2021-40438

2021-11-30 17:38:53

attackerkb

CVE-2021-40438

2021-09-16 00:00:00

ubuntu

Apache HTTP Server vulnerabilities

2021-09-27 00:00:00

Apache HTTP Server regression

2021-09-28 00:00:00

Apache HTTP Server regression

2021-09-28 00:00:00

debian

[SECURITY] [DLA 2776-1] apache2 security update

2021-10-02 16:08:10

[SECURITY] [DSA 4982-1] apache2 security update

2021-10-08 20:56:04

ics

Siemens Apache HTTP Server (Update A)

2022-10-13 12:00:00

photon

Critical Photon OS Security Update - PHSA-2021-0309

2021-10-01 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-1.0-0437

2021-10-01 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-2.0-0399

2021-10-01 00:00:00

suse

Security update for apache2 (important)

2021-10-26 00:00:00

Security update for apache2 (important)

2021-11-02 00:00:00

cisco

Multiple Vulnerabilities in Apache HTTP Server Affecting Cisco Products: November 2021

2021-11-24 16:00:00

mageia

Updated apache packages fix security vulnerability

2021-09-23 07:49:29

freebsd

Apache httpd -- multiple vulnerabilities

2021-09-16 00:00:00

trellix

The Bug Report – October Edition

2021-11-02 00:00:00

The Bug Report – October Edition

2021-11-02 00:00:00

cisa

CISA Adds Five Known Exploited Vulnerabilities to Catalog

2021-12-01 00:00:00

altlinux

Security fix for the ALT Linux 9 package apache2 version 1:2.4.49-alt1

2021-09-23 00:00:00

Security fix for the ALT Linux 10 package apache2 version 1:2.4.49-alt1

2021-10-04 00:00:00

kaspersky

KLA12370 Multiple vulnerabilities in Apache HTTP Server

2021-09-16 00:00:00

slackware

[slackware-security] httpd

2021-09-17 04:22:20

rosalinux

Advisory ROSA-SA-2023-2158

2023-04-25 11:30:17

Advisory ROSA-SA-2023-2160

2023-04-25 12:02:31

amazon

Important: httpd24

2021-10-15 07:52:00

Important: httpd

2021-10-15 07:57:00

fedora

[SECURITY] Fedora 35 Update: httpd-2.4.49-1.fc35

2021-09-24 20:56:12

[SECURITY] Fedora 34 Update: httpd-2.4.49-1.fc34

2021-09-20 13:58:04

gentoo

Apache HTTPD: Multiple Vulnerabilities

2022-08-14 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.974 High

EPSS

Percentile

99.9%

JSON

Related for RHSA-2021:3754