directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI.
Users are recommended to upgrade to version 2.4.60, which fixes this issue.
Some RewriteRules that capture and substitute unsafely will now fail unless rewrite flag "UnsafeAllow3F" is specified.
Metrics
Affected Vendors & Products
Tue, 25 Mar 2025 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
cvssV3_1
|
cvssV3_1
|
Thu, 13 Feb 2025 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Fri, 13 Sep 2024 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Wed, 21 Aug 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Apache
Apache http Server Netapp Netapp clustered Data Ontap |
|
CPEs | cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:* cpe:2.3:o:netapp:clustered_data_ontap:9.0:*:*:*:*:*:*:* |
|
Vendors & Products |
Apache
Apache http Server Netapp Netapp clustered Data Ontap |
|
Metrics |
cvssV3_1
|
cvssV3_1
|
Tue, 13 Aug 2024 22:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat jboss Core Services
|
|
CPEs | cpe:/a:redhat:jboss_core_services:1 cpe:/a:redhat:jboss_core_services:1::el7 cpe:/a:redhat:jboss_core_services:1::el8 |
|
Vendors & Products |
Redhat jboss Core Services
|

Status: PUBLISHED
Assigner: apache
Published:
Updated: 2025-03-25T18:24:03.613Z
Reserved: 2024-06-17T11:09:02.297Z
Link: CVE-2024-38474

Updated: 2024-09-13T17:04:55.485Z

Status : Modified
Published: 2024-07-01T19:15:04.760
Modified: 2025-03-25T19:15:43.623
Link: CVE-2024-38474


No data.