Description

null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request. Users are recommended to upgrade to version 2.4.60, which fixes this issue.

Remediation

References

CVE-2024-38477

Related Vulnerabilities

WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Multiple Cross-Site Scripting Vulnerabilities (2.0.27)

OpenSSL Cryptographic Issues Vulnerability (CVE-2015-3197)

MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4377)

ownCloud Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-2050)

WordPress Plugin Very Simple Quiz Cross-Site Scripting (1.0.0)

Severity

High

Classification

CVE-2024-38477 CWE-476 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities