Assigner | apache |
Reserved | 2024-06-17 |
Published | 2024-07-01 |
Updated | 2024-07-01 |
Description
null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request. Users are recommended to upgrade to version 2.4.60, which fixes this issue.
Problem types
CWE-476 NULL Pointer Dereference
Product status
2.4.0
Timeline
2024-04-01: | Reported |
Credits
Orange Tsai (@orange_8361) from DEVCORE
References
https://httpd.apache.org/security/vulnerabilities_24.html