CVE-2019-0211 log

Source
Severity Critical
Remote Yes
Type Privilege escalation
Description
In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard.
Group Package Affected Fixed Severity Status Ticket
AVG-946 apache 2.4.38-1 2.4.39-1 Critical Fixed
Date Advisory Group Package Severity Description
05 Apr 2019 ASA-201904-3 AVG-946 apache Critical multiple issues
References
https://httpd.apache.org/security/vulnerabilities_24.html