You are here

Apache HTTP Server Vulnerabilities Related to Version 2.4.38

IDs: 
CVE-2019-0190,
Keywords: 
httpd
Description: 

The Apache HTTP Server version 2.4.38 fixes tree vulnerabilities [1].

No action required for Airlock WAF

Details

CVE-2018-17189 - DoS with mod_http2. The criticality of this vulnerability for Airlock WAF is negligible.
CVE-2019-0190 - DoS in combination with OpenSSL 1.1.1. This OpenSSL version is not yet used by Airlock WAF.
CVE-2018-17199 - Affects mod_session_cookie. This module is not used by Airlock WAF.

Resolution: 

No action is required.

Component: 
Airlock
Airlock Vulnerability Status: 
Does not affect Airlock
Back-end Vulnerability Status: 
No action required