CVE-2021-34798

Name
CVE-2021-34798
Description
Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC http://httpd.apache.org/security/vulnerabilities_24.html
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/
MLIST https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029@%3Cusers.httpd.apache.org%3E
MLIST https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697@%3Cusers.httpd.apache.org%3E
MLIST https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432@%3Cusers.httpd.apache.org%3E
MLIST https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c@%3Cusers.httpd.apache.org%3E
Mailing List https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/
MLIST https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html
CONFIRM https://security.netapp.com/advisory/ntap-20211008-0004/
DEBIAN https://www.debian.org/security/2021/dsa-4982
CONFIRM https://www.tenable.com/security/tns-2021-17
Third Party Advisory https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ
Patch https://www.oracle.com/security-alerts/cpujan2022.html
Third Party Advisory https://kc.mcafee.com/corporate/index?page=content&id=SB10379
MISC https://www.oracle.com/security-alerts/cpuapr2022.html

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:* http_server >= None <= 2.4.48

Vulnerable and fixed packages

Source package Branch Version Maintainer Status