Description

Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'

Remediation

References

CVE-2021-30641

Related Vulnerabilities

WordPress Plugin AnyVar Cross-Site Scripting (0.1.1)

WordPress Plugin EWWW Image Optimizer Cross-Site Scripting (2.0.1)

WordPress Plugin DukaPress TimThumb Arbitrary File Upload (2.3.2)

WordPress Plugin Post Recommendations for WordPress 'api.php' Remote File Include (1.1.2)

Apache Tomcat Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-12615)

Severity

Medium

Classification

CVE-2021-30641 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Tags

Missing Update Known Vulnerabilities