In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected.
Metrics
Affected Vendors & Products
References
History
Thu, 06 Feb 2025 22:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
kev
|
Wed, 14 Aug 2024 00:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|

Status: PUBLISHED
Assigner: apache
Published: 2019-04-08T21:31:09.000Z
Updated: 2025-02-06T21:04:27.062Z
Reserved: 2018-11-14T00:00:00.000Z
Link: CVE-2019-0211

Updated: 2024-08-04T17:44:15.393Z

Status : Modified
Published: 2019-04-08T22:29:00.387
Modified: 2025-02-06T21:15:12.750
Link: CVE-2019-0211
