Apache HTTP Server-Side Request Forgery (SSRF)
Overdue
Apache / Apache
CWE-918
Description
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.
Required Action
Apply updates per vendor instructions.
Additional Information
- Catalog Version
- 2025.01.24
- Catalog Released
- Jan. 24, 2025
- Days Until Due
- 0 days
- Last Updated
- 8 months ago