- EPSS 94.43%
- Veröffentlicht 16.09.2021 15:15:07
- Zuletzt bearbeitet 27.10.2025 17:37:06
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.
CVE-2021-39275
- EPSS 46.97%
- Veröffentlicht 16.09.2021 15:15:07
- Zuletzt bearbeitet 01.05.2025 15:39:40
ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier.
CVE-2021-34798
- EPSS 11.69%
- Veröffentlicht 16.09.2021 15:15:07
- Zuletzt bearbeitet 21.11.2024 06:11:13
Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.
CVE-2021-3449
- EPSS 10.19%
- Veröffentlicht 25.03.2021 15:15:13
- Zuletzt bearbeitet 21.11.2024 06:21:33
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but incl...