We also list the versions the flaw is known to affect, and where a flaw has not been verified list the version with a question mark. ![]() Please note that if a vulnerability is shown below as being fixed in a "-dev" release then this means that a fix has been applied to the development source tree and will be part of an upcoming full release. Please send comments or corrections for these vulnerabilities to the Security Team. ![]() The initial GA release, Apache httpd 2.4.1, includes fixes for all vulnerabilities which have been resolved in Apache httpd 2.2.22 and all older releases. Fixed in Apache HTTP Server 2.4.54 moderate: mod_proxy_ajp: Possible request smuggling Consult the Apache httpd 2.2 vulnerabilities list for more information. ![]() Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to.
0 Comments
Leave a Reply. |