Cybersecurity Alerts

Actively Exploited Vulnerabilities

← Back to Cybersecurity Alerts

CVE-2021-40438

Apache | ApacheAdded 2021-12-01Remediation Deadline 2021-12-15

Apache HTTP Server-Side Request Forgery (SSRF)

A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-918

References