Potential SSRF in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to cause unsafe RewriteRules to unexpectedly setup URL's to be handled by mod_proxy.
Users are recommended to upgrade to version 2.4.60, which fixes this issue.
Metrics
Affected Vendors & Products
References
History
Fri, 13 Sep 2024 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | ||
Vendors & Products |
Apache
Apache http Server |
|
References |
| |
Metrics |
ssvc
|
Tue, 13 Aug 2024 22:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat jboss Core Services
|
|
CPEs | cpe:/a:redhat:jboss_core_services:1 cpe:/a:redhat:jboss_core_services:1::el7 cpe:/a:redhat:jboss_core_services:1::el8 |
|
Vendors & Products |
Redhat jboss Core Services
|
MITRE
Status: PUBLISHED
Assigner: apache
Published: 2024-07-01T18:16:44.297Z
Updated: 2024-09-13T17:05:01.124Z
Reserved: 2024-06-25T17:13:46.679Z
Link: CVE-2024-39573
Vulnrichment
Updated: 2024-09-13T17:05:01.124Z
NVD
Status : Awaiting Analysis
Published: 2024-07-01T19:15:05.760
Modified: 2024-11-21T09:28:02.550
Link: CVE-2024-39573
Redhat