| VID |
22980 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
WWW |
| Detailed Description |
The version of Apache httpd installed on the remote host is prior to 2.4.48. It is, therefore, affected by a vulnerability as referenced in the 2.4.48 changelog.
- mod_http2: Fix a potential NULL pointer dereference (CVE-2021-31618)
* References:
https://downloads.apache.org/httpd/CHANGES_2.4
* Platforms Affected:
Apache HTTP versions 2.4.x prior to 2.4.48
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of Apache HTTP Server (2.4.48 or later), available from the Apache Software Foundation download site, http://httpd.apache.org/download.cgi |
| Related URL |
CVE-2021-31618 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
