Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2024-43204

Опубликовано: 10 июл. 2025
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 7.5

Описание

SSRF in Apache HTTP Server with mod_proxy loaded allows an attacker to send outbound proxy requests to a URL controlled by the attacker.  Requires an unlikely configuration where mod_headers is configured to modify the Content-Type request or response header with a value provided in the HTTP request. Users are recommended to upgrade to version 2.4.64 which fixes this issue.

РелизСтатусПримечание
devel

released

2.4.64-1ubuntu2
esm-infra-legacy/trusty

needs-triage

esm-infra/bionic

released

2.4.29-1ubuntu4.27+esm6
esm-infra/focal

released

2.4.41-4ubuntu3.23+esm2
esm-infra/xenial

released

2.4.18-2ubuntu3.17+esm16
jammy

released

2.4.52-1ubuntu4.15
noble

released

2.4.58-1ubuntu8.7
plucky

released

2.4.63-1ubuntu1.1
questing

released

2.4.64-1ubuntu2
upstream

released

2.4.64-1

Показывать по

Ссылки на источники

EPSS

Процентиль: 53%
0.00307
Низкий

7.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2024-43204

CVSS3: 5.4
redhat
3 месяца назад

SSRF in Apache HTTP Server with mod_proxy loaded allows an attacker to send outbound proxy requests to a URL controlled by the attacker.  Requires an unlikely configuration where mod_headers is configured to modify the Content-Type request or response header with a value provided in the HTTP request. Users are recommended to upgrade to version 2.4.64 which fixes this issue.

nvd логотип

CVE-2024-43204

CVSS3: 7.5
nvd
3 месяца назад

SSRF in Apache HTTP Server with mod_proxy loaded allows an attacker to send outbound proxy requests to a URL controlled by the attacker.  Requires an unlikely configuration where mod_headers is configured to modify the Content-Type request or response header with a value provided in the HTTP request. Users are recommended to upgrade to version 2.4.64 which fixes this issue.

msrc логотип

CVE-2024-43204

CVSS3: 7.5
msrc
3 месяца назад

Описание отсутствует

debian логотип

CVE-2024-43204

CVSS3: 7.5
debian
3 месяца назад

SSRF in Apache HTTP Server with mod_proxy loaded allows an attacker to ...

github логотип

GHSA-q2wp-r77c-3cw8

CVSS3: 7.5
github
3 месяца назад

SSRF in Apache HTTP Server with mod_proxy loaded allows an attacker to send outbound proxy requests to a URL controlled by the attacker.  Requires an unlikely configuration where mod_headers is configured to modify the Content-Type request or response header with a value provided in the HTTP request. Users are recommended to upgrade to version 2.4.64 which fixes this issue.

EPSS

Процентиль: 53%
0.00307
Низкий

7.5 High

CVSS3