Description
An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. Users are recommended to upgrade to version 2.4.67, which fixes this issue.
Remediation
References
Related Vulnerabilities
MySQL CVE-2016-0654 Vulnerability (CVE-2016-0654)
TYPO3 Cleartext Storage of Sensitive Information Vulnerability (CVE-2021-21339)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4583)
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-1000356)
e107 Inadequate Encryption Strength Vulnerability (CVE-2021-27885)