Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2024-43204

Опубликовано: 10 июл. 2025
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 7.5

Описание

SSRF in Apache HTTP Server with mod_proxy loaded allows an attacker to send outbound proxy requests to a URL controlled by the attacker.  Requires an unlikely configuration where mod_headers is configured to modify the Content-Type request or response header with a value provided in the HTTP request. Users are recommended to upgrade to version 2.4.64 which fixes this issue.

РелизСтатусПримечание
devel

pending

2.4.64-1ubuntu1
esm-infra-legacy/trusty

needs-triage

esm-infra/bionic

needs-triage

esm-infra/focal

needs-triage

esm-infra/xenial

needs-triage

jammy

released

2.4.52-1ubuntu4.15
noble

released

2.4.58-1ubuntu8.7
plucky

released

2.4.63-1ubuntu1.1
upstream

released

2.4.64-1

Показывать по

Ссылки на источники

EPSS

Процентиль: 51%
0.00277
Низкий

7.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2024-43204

CVSS3: 5.4
redhat
около 1 месяца назад

SSRF in Apache HTTP Server with mod_proxy loaded allows an attacker to send outbound proxy requests to a URL controlled by the attacker.  Requires an unlikely configuration where mod_headers is configured to modify the Content-Type request or response header with a value provided in the HTTP request. Users are recommended to upgrade to version 2.4.64 which fixes this issue.

nvd логотип

CVE-2024-43204

CVSS3: 7.5
nvd
около 1 месяца назад

SSRF in Apache HTTP Server with mod_proxy loaded allows an attacker to send outbound proxy requests to a URL controlled by the attacker.  Requires an unlikely configuration where mod_headers is configured to modify the Content-Type request or response header with a value provided in the HTTP request. Users are recommended to upgrade to version 2.4.64 which fixes this issue.

msrc логотип

CVE-2024-43204

CVSS3: 7.5
msrc
около 1 месяца назад

Описание отсутствует

debian логотип

CVE-2024-43204

CVSS3: 7.5
debian
около 1 месяца назад

SSRF in Apache HTTP Server with mod_proxy loaded allows an attacker to ...

github логотип

GHSA-q2wp-r77c-3cw8

CVSS3: 7.5
github
около 1 месяца назад

SSRF in Apache HTTP Server with mod_proxy loaded allows an attacker to send outbound proxy requests to a URL controlled by the attacker.  Requires an unlikely configuration where mod_headers is configured to modify the Content-Type request or response header with a value provided in the HTTP request. Users are recommended to upgrade to version 2.4.64 which fixes this issue.

EPSS

Процентиль: 51%
0.00277
Низкий

7.5 High

CVSS3