CVE-2021-26690

Опубликовано: 10 июн. 2021

Источник: debian

EPSS Высокий

Описание

Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
apache2	fixed	2.4.48-1	experimental	package
apache2	fixed	2.4.46-6		package

Примечания

https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2021-26690
https://github.com/apache/httpd/commit/67bd9bfe6c38831e14fe7122f1d84391472498f8

EPSS

Процентиль: 99%

0.71587

Высокий

Связанные уязвимости

CVE-2021-26690

CVSS3: 7.5

ubuntu

больше 4 лет назад

Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service

CVE-2021-26690

CVSS3: 7.5

redhat

больше 4 лет назад

Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service

CVE-2021-26690

CVSS3: 7.5

nvd

больше 4 лет назад

Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service

CVE-2021-26690

CVSS3: 7.5

msrc

больше 4 лет назад

mod_session NULL pointer dereference

GHSA-f669-j28w-pjvg

github

больше 3 лет назад

Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service

EPSS

Процентиль: 99%

0.71587

Высокий