ADVERTISEMENT

Apache found critical bugs in httpd web server

The Apache Foundation
Jurgita Lapienytė
Jurgita Lapienytė Chief Editor
Dec 22, 2021 Updated: 14 March 2022 2 min read
  • CVE-2021-44790: Possible buffer overflow when parsing multipart content in mod_lua of Apache HTTP Server 2.4.51
  • CVE-2021-44224: Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier.

"These bugs might not be exposed in your configuration because they are part of optional run-time modules that you might not actually be using. But if you are using these modules, whether you realize it or not, you could be at risk of server crashes, data leakage, or even remote code execution," Sophos said.


ADVERTISEMENT

More from CyberNews:

ADVERTISEMENT