CVE-2021-41773

CVE-2021-41773

2 years ago

source link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41773
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

Learn more at National Vulnerability Database (NVD)

• CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information

Description A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the expected document root. If files outside of the document root are not protected by "require all denied" these requests can succeed. Additionally this flaw could leak the source of interpreted files like CGI scripts. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions.

Recommend

CVE-2021-41773

CVE-2021-41773

Recommend

YouTube might soon highlight the parts of a video others found most interesting

Actix: A Web Framework for Rust

FarmVille 3 enters pre-registration in preparation for its global launch next mo...

Warp Terminal Emulator Review

Google Calendar can automatically start and share notes for your next meeting

Twitch.tv just got leaked in its entirety, here’s what you should do

As Pixel 6 launch looms, retailers get ready to sweeten the pot

一个 Android MVVM 组件化架构框架

Samsung's Gallery app picks up one of the best new features from Google Photos

Take a look inside Steam Deck™!

About Joyk