Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

msrc логотип

CVE-2024-47252

Опубликовано: 17 июл. 2025
Источник: msrc
CVSS3: 7.5
EPSS Низкий

Описание

Описание отсутствует

Возможность эксплуатации

DOS

N/A

EPSS

Процентиль: 28%
0.001
Низкий

7.5 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2024-47252

CVSS3: 7.5
ubuntu
около 1 месяца назад

Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%{varname}x" or "%{varname}c" to log variables provided by mod_ssl such as SSL_TLS_SNI, no escaping is performed by either mod_log_config or mod_ssl and unsanitized data provided by the client may appear in log files.

redhat логотип

CVE-2024-47252

CVSS3: 7.5
redhat
около 1 месяца назад

Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%{varname}x" or "%{varname}c" to log variables provided by mod_ssl such as SSL_TLS_SNI, no escaping is performed by either mod_log_config or mod_ssl and unsanitized data provided by the client may appear in log files.

nvd логотип

CVE-2024-47252

CVSS3: 7.5
nvd
около 1 месяца назад

Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%{varname}x" or "%{varname}c" to log variables provided by mod_ssl such as SSL_TLS_SNI, no escaping is performed by either mod_log_config or mod_ssl and unsanitized data provided by the client may appear in log files.

debian логотип

CVE-2024-47252

CVSS3: 7.5
debian
около 1 месяца назад

Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP ...

github логотип

GHSA-2qfr-q5v6-m43q

CVSS3: 7.5
github
около 1 месяца назад

Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%{varname}x" or "%{varname}c" to log variables provided by mod_ssl such as SSL_TLS_SNI, no escaping is performed by either mod_log_config or mod_ssl and unsanitized data provided by the client may appear in log files.

EPSS

Процентиль: 28%
0.001
Низкий

7.5 High

CVSS3