CVE-2021-36160 - log back

CVE-2021-36160 edited at 16 Sep 2021 16:28:41
References
- https://httpd.apache.org/security/vulnerabilities_24.html
+ https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2021-36160
CVE-2021-36160 edited at 16 Sep 2021 16:25:14
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Denial of service
Description
+ In Apache HTTP Server before version 2.4.49, a carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (denial of service).
References
+ https://httpd.apache.org/security/vulnerabilities_24.html
Notes
CVE-2021-36160 created at 16 Sep 2021 16:22:21