CVE-2021-30641

Published: Jun 10, 2021
Updated: Apr 14, 2023
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2021-30641" target="_blank" rel="noopener"> CVE-2021-30641
Severity: Medium
Exploit:

Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'

CVSS v3:

CVSS v2:

No CWE or OWASP classifications available.

Software	From	Fixed in
apache / http_server	2.4.39	2.4.46.x
debian / debian_linux	9.0	9.0.x
debian / debian_linux	10.0	10.0.x
fedoraproject / fedora	34	34.x
fedoraproject / fedora	35	35.x
oracle / instantis_enterprisetrack	17.1	17.1.x
oracle / instantis_enterprisetrack	17.2	17.2.x
oracle / instantis_enterprisetrack	17.3	17.3.x
oracle / enterprise_manager_ops_center	12.4.0.0	12.4.0.0.x
oracle / zfs_storage_appliance_kit	8.8	8.8.x