CVE-2021-39275 - log back

CVE-2021-39275 edited at 16 Sep 2021 16:28:49
References
- https://httpd.apache.org/security/vulnerabilities_24.html
+ https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2021-39275
CVE-2021-39275 edited at 16 Sep 2021 16:26:20
Severity
- Unknown
+ Low
Remote
- Unknown
+ Remote
Type
- Unknown
+ Arbitrary code execution
Description
+ In Apache HTTP Server before version 2.4.49, ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may.
References
+ https://httpd.apache.org/security/vulnerabilities_24.html
Notes
CVE-2021-39275 created at 16 Sep 2021 16:22:21