---

CVE-2021-41524 - log back

CVE-2021-41524 edited at 05 Oct 2021 10:32:34
Severity	- Unknown + Medium
Remote	- Unknown + Remote
Type	- Unknown + Denial of service
Description	+ While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request processing, allowing an external source to DoS the server. This requires a specially crafted request. The vulnerability was recently introduced in version 2.4.49. No exploit is known to the project.
References	+ https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2021-41524 + https://svn.apache.org/viewvc?view=revision&revision=1893655
Notes

CVE-2021-41524 created at 05 Oct 2021 10:27:07