Description

null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request. Users are recommended to upgrade to version 2.4.60, which fixes this issue.

Remediation

References

CVE-2024-38477

Related Vulnerabilities

Artifactory Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-46687)

WordPress Plugin Woocommerce Product Designer Arbitrary File Upload (3.0.3)

CubeCart Improper Authentication Vulnerability (CVE-2014-2341)

WordPress Ultimate Member Plugin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-31216)

Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-4093)

Severity

High

Classification

CVE-2024-38477 CWE-476 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities