CVE-2024-39573

CVSS V2 None CVSS V3 None
Description
Potential SSRF in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to cause unsafe RewriteRules to unexpectedly setup URL's to be handled by mod_proxy. Users are recommended to upgrade to version 2.4.60, which fixes this issue.
Overview
  • CVE ID
  • CVE-2024-39573
  • Assigner
  • apache
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-07-01T18:16:44.297Z
  • Last Modified Date
  • 2024-07-01T20:44:44.754Z
References
Reference URL Reference Tags
https://httpd.apache.org/security/vulnerabilities_24.html vendor-advisory
History
Created Old Value New Value Data Type Notes
2024-07-02 13:09:21 Added to TrackCVE