CVE-2024-36387

Name
CVE-2024-36387
Description
Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance.
NVD Severity
unknown
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
vendor-advisory https://httpd.apache.org/security/vulnerabilities_24.html
https://security.netapp.com/advisory/ntap-20240712-0001/

Match rules

CPE URI Source package Min version Max version
apache-http-server >= 2.4.55 <= 2.4.59

Vulnerable and fixed packages

Source package Branch Version Maintainer Status