Description

null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request. Users are recommended to upgrade to version 2.4.60, which fixes this issue.

Remediation

References

CVE-2024-38477

Related Vulnerabilities

WordPress Plugin Tutor LMS-eLearning and online course solution SQL Injection (1.8.2)

WordPress Plugin Live Comment Preview Cross-Site Scripting (2.0.2)

osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-7193)

WordPress Plugin Booking Calendar-Clockwork SMS Cross-Site Scripting (1.0.5)

WordPress Plugin DirectoryPress-Business Directory And Classified Ad Listing SQL Injection (3.6.10)

Severity

High

Classification

CVE-2024-38477 CWE-476 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities