CVE-2019-0196 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	Yes
Type	Denial of service
Description	A use-after-free issue has been found in the http/2 request handling code of Apache HTTPd <= 2.4.18 and <= 2.4.38. Using crafted network input, the http/2 request handling could be made to access freed memory in string comparison when determining the method of a request and thus process the request incorrectly.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-946	apache	2.4.38-1	2.4.39-1	Critical	Fixed

Date	Advisory	Group	Package	Severity	Type
05 Apr 2019	ASA-201904-3	AVG-946	apache	Critical	multiple issues

References
https://httpd.apache.org/security/vulnerabilities_24.html