Description

A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes ('/'), directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing will implicitly collapse them.

Remediation

References

CVE-2019-0220

Related Vulnerabilities

MySQL CVE-2022-21633 Vulnerability (CVE-2022-21633)

MySQL CVE-2016-0668 Vulnerability (CVE-2016-0668)

WordPress Plugin Widget Logic Cross-Site Request Forgery (5.9.0)

Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-3171)

WordPress Plugin User Submitted Posts Cross-Site Scripting (20151113)

Severity

Medium

Classification

CVE-2019-0220 CWE-706 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities