CVE-2021-41524 - log back

CVE-2021-41524 edited at 05 Oct 2021 10:32:34
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Denial of service
Description
+ While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request processing, allowing an external source to DoS the server. This requires a specially crafted request. The vulnerability was recently introduced in version 2.4.49. No exploit is known to the project.
References
+ https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2021-41524
+ https://svn.apache.org/viewvc?view=revision&revision=1893655
Notes
CVE-2021-41524 created at 05 Oct 2021 10:27:07