CVE-2021-30641
10.06.2021, 07:15
Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| apache | http_server | 2.4.39 ≤ 𝑥 ≤ 2.4.46 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 10.0 |
| oracle | enterprise_manager_ops_center | 12.4.0.0 |
| oracle | instantis_enterprisetrack | 17.1 |
| oracle | instantis_enterprisetrack | 17.2 |
| oracle | instantis_enterprisetrack | 17.3 |
| oracle | zfs_storage_appliance_kit | 8.8 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| apache2 |
|
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| apache2 |
| ||||||||||||||||||||||||||||||||||||||||||||||
| apache2-devel |
| ||||||||||||||||||||||||||||||||||||||||||||||
| apache2-doc |
| ||||||||||||||||||||||||||||||||||||||||||||||
| apache2-example-pages |
| ||||||||||||||||||||||||||||||||||||||||||||||
| apache2-prefork |
| ||||||||||||||||||||||||||||||||||||||||||||||
| apache2-utils |
| ||||||||||||||||||||||||||||||||||||||||||||||
| apache2-worker |
|
Amazon Linux Releases
Amazon Package | |||
|---|---|---|---|
| httpd |
| ||
| httpd-debuginfo |
| ||
| httpd-devel |
| ||
| httpd-filesystem |
| ||
| httpd-manual |
| ||
| httpd-tools |
| ||
| httpd24 |
| ||
| httpd24-debuginfo |
| ||
| httpd24-devel |
| ||
| httpd24-manual |
| ||
| httpd24-tools |
| ||
| mod24_ldap |
| ||
| mod24_md |
| ||
| mod24_proxy_html |
| ||
| mod24_session |
| ||
| mod24_ssl |
| ||
| mod_ldap |
| ||
| mod_md |
| ||
| mod_proxy_html |
| ||
| mod_session |
| ||
| mod_ssl |
|
Azure Linux Releases
References