You are here

Apache HTTP Server Vulnerabilities fixed in Version 2.4.52

IDs: 
CVE-2021-44790), CVE-2021-44224
Keywords: 
httpd
Description: 

The Apache HTTP Server version 2.4.52 fixes 2 vulnerabilities [1].

Airlock Gateway is not affected

Details:

  • CVE-2021-44224 moderate: Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier
    The module mod_proxy is not used by Airlock Gateway.
  • CVE-2021-44790: high: Possible buffer overflow when parsing multipart content in mod_lua of Apache HTTP Server 2.4.51 and earlier
    The module mod_lua is not used by Airlock Gateway.
Resolution: 

no action required

Component: 
Airlock
Airlock Vulnerability Status: 
Airlock vulnerable, see resolution
Back-end Vulnerability Status: 
No action required