Description

null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request. Users are recommended to upgrade to version 2.4.60, which fixes this issue.

Remediation

References

CVE-2024-38477

Related Vulnerabilities

WordPress Plugin About Author Cross-Site Scripting (1.3.9)

Jenkins Missing Release of Resource after Effective Lifetime Vulnerability (CVE-2018-1999043)

Oracle JRE CVE-2012-3143 Vulnerability (CVE-2012-3143)

WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.27)

WordPress Plugin WPML (WordPress Multilingual) Cross-Site Scripting (3.2.6)

Severity

High

Classification

CVE-2024-38477 CWE-476 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities