2019-06-11 23:29:00 2019-06-25 12:15:10

A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes ('/'), directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing will implicitly collapse them.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

PARTIAL

Integrity

NONE

Availability

NONE
Apache Http server 2.4.38 (not an official CPE) Apache Http server 2.4.37 (not an official CPE) Apache Http server 2.4.36 (not an official CPE) Apache Http server 2.4.35 (not an official CPE) Apache Http server 2.4.34 (not an official CPE) Apache Http server 2.4.33 (not an official CPE) Apache Http server 2.4.32 (not an official CPE) Apache Http server 2.4.30 (not an official CPE) Apache Http server 2.4.29 (not an official CPE) Apache Http server 2.4.28 (not an official CPE) Apache Http server 2.4.27 (not an official CPE) Apache Http server 2.4.26 (not an official CPE) Apache Http server 2.4.25 (not an official CPE) Apache Http server 2.4.24 (not an official CPE) Apache Http server 2.4.23 (not an official CPE) Apache Http server 2.4.22 (not an official CPE) Apache Http server 2.4.21 (not an official CPE) Apache Http server 2.4.20 (not an official CPE) Apache Http server 2.4.19 (not an official CPE) Apache Http server 2.4.18 (not an official CPE) Apache Http server 2.4.17 (not an official CPE) Apache Http server 2.4.16 (not an official CPE) Apache Http server 2.4.14 (not an official CPE) Apache Software Foundation Apache HTTP Server 2.4.12 Apache Software Foundation Apache HTTP Server 2.4.10 Apache Software Foundation Apache HTTP Server 2.4.9 Apache Software Foundation Apache HTTP Server 2.4.8 Apache Software Foundation Apache HTTP Server 2.4.7 Apache Software Foundation Apache HTTP Server 2.4.6 Apache Http server 2.4.4 (not an official CPE) Apache Software Foundation Apache HTTP Server 2.4.3 Apache Software Foundation Apache HTTP Server 2.4.2 Apache Software Foundation Apache HTTP Server 2.4.1 Apache Software Foundation Apache HTTP Server 2.4.0