AVG-2442 log
Package | apache |
Status | Fixed |
Severity | High |
Type | multiple issues |
Affected | 2.4.49-1 |
Fixed | 2.4.50-1 |
Current | 2.4.62-1 [extra] |
Ticket | None |
Created | Tue Oct 5 10:27:07 2021 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2021-41773 | High | Yes | Directory traversal | A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files... |
CVE-2021-41524 | Medium | Yes | Denial of service | While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request processing, allowing an external source to DoS the server.... |