All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2021-40438
NONEKEVpublish date unavailable
CVSS / 10
// description
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.
// required action (CISA KEV)
Apply updates per vendor instructions.
added 2021-12-01 00:00 UTC