null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request. Users are recommended to upgrade to version 2.4.60, which fixes this issue.
History

Fri, 13 Sep 2024 18:30:00 +0000

Type Values Removed Values Added
References

Wed, 21 Aug 2024 15:30:00 +0000

Type Values Removed Values Added
First Time appeared Apache
Apache http Server
Netapp
Netapp clustered Data Ontap
CPEs cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
cpe:2.3:o:netapp:clustered_data_ontap:9.0:*:*:*:*:*:*:*
Vendors & Products Apache
Apache http Server
Netapp
Netapp clustered Data Ontap

Tue, 13 Aug 2024 22:45:00 +0000

Type Values Removed Values Added
First Time appeared Redhat jboss Core Services
CPEs cpe:/a:redhat:jboss_core_services:1
cpe:/a:redhat:jboss_core_services:1::el7
cpe:/a:redhat:jboss_core_services:1::el8
Vendors & Products Redhat jboss Core Services

cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published: 2024-07-01T18:16:11.935Z

Updated: 2024-09-13T17:04:58.395Z

Reserved: 2024-06-17T11:11:30.174Z

Link: CVE-2024-38477

cve-icon Vulnrichment

Updated: 2024-09-13T17:04:58.395Z

cve-icon NVD

Status : Analyzed

Published: 2024-07-01T19:15:05.083

Modified: 2024-08-21T15:11:30.857

Link: CVE-2024-38477

cve-icon Redhat

Severity : Important

Publid Date: 2024-07-01T00:00:00Z

Links: CVE-2024-38477 - Bugzilla