AVG-2442 log
| Package | apache |
| Status | Fixed |
| Severity | High |
| Type | multiple issues |
| Affected | 2.4.49-1 |
| Fixed | 2.4.50-1 |
| Current | 2.4.65-4 [extra] |
| Ticket | None |
| Created | Tue Oct 5 10:27:07 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-41773 | High | Yes | Directory traversal | A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files... |
| CVE-2021-41524 | Medium | Yes | Denial of service | While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request processing, allowing an external source to DoS the server.... |