CVE-2017-15715 log

Severity Low
Remote Yes
Type Access restriction bypass
In Apache httpd 2.4.0 before 2.4.30, the expression specified in <FilesMatch> could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are externally blocked, but only by matching the trailing portion of the filename.
Group Package Affected Fixed Severity Status Ticket
AVG-664 apache 2.4.29-1 2.4.33-1 Medium Fixed
Date Advisory Group Package Severity Type
04 Apr 2018 ASA-201804-4 AVG-664 apache Medium multiple issues