Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be made to crash (NULL pointer dereference) with specially crafted requests using both Content-Length and Transfer-Encoding headers, leading to a Denial of Service
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache http server |
||
debian debian linux 9.0 |
||
debian debian linux 10.0 |
||
fedoraproject fedora 34 |
||
fedoraproject fedora 35 |
||
oracle instantis enterprisetrack 17.1 |
||
oracle instantis enterprisetrack 17.2 |
||
oracle instantis enterprisetrack 17.3 |
||
oracle enterprise manager ops center 12.4.0.0 |
||
oracle zfs storage appliance kit 8.8 |