You are here

Home › Apache HTTP Server Vulnerabilities fixed in Version 2.4.52

Apache HTTP Server Vulnerabilities fixed in Version 2.4.52

Submitted on 3. January 2022 - 10:12 by rischi.
Last update on 3. January 2022 - 10:12.
IDs: 
CVE-2021-44790), CVE-2021-44224
Keywords: 
httpd
Description: 

The Apache HTTP Server version 2.4.52 fixes 2 vulnerabilities [1].

Airlock Gateway is not affected

Details:

  • CVE-2021-44224 moderate: Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier
    The module mod_proxy is not used by Airlock Gateway.
  • CVE-2021-44790: high: Possible buffer overflow when parsing multipart content in mod_lua of Apache HTTP Server 2.4.51 and earlier
    The module mod_lua is not used by Airlock Gateway.
Resolution: 

no action required

Component: 
Airlock
Airlock Vulnerability Status: 
Airlock vulnerable, see resolution
Back-end Vulnerability Status: 
No action required
Reference: 
[1] Apache httpd 2.4 vulnerabilities
© Ergon Informatik AG