Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2021-44224

A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included).

  • Published: Dec 20, 2021
  • Updated: Apr 14, 2023
  • CVE: CVE-2021-44224
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 8.2
  • AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

CVSS v2:

  • Severity: Medium
  • Score: 6.4
  • AV:N/AC:L/Au:N/C:N/I:P/A:P

CWEs:

Software From Fixed in
apache / http_server 2.4.7 2.4.52
fedoraproject / fedora 34 34.x
fedoraproject / fedora 35 35.x
fedoraproject / fedora 36 36.x
debian / debian_linux 10.0 10.0.x
debian / debian_linux 11.0 11.0.x
tenable / tenable.sc 5.14.0 5.20.0
tenable / tenable.sc 5.16.0 202201.1
oracle / http_server 12.2.1.3.0 12.2.1.3.0.x
oracle / communications_operations_monitor 4.0 4.0.x
oracle / instantis_enterprisetrack 17.1 17.1.x
oracle / instantis_enterprisetrack 17.2 17.2.x
oracle / instantis_enterprisetrack 17.3 17.3.x
oracle / http_server 12.2.1.4.0 12.2.1.4.0.x
oracle / communications_operations_monitor 4.3 4.3.x
oracle / communications_operations_monitor 4.4 4.4.x
oracle / communications_operations_monitor 5.0 5.0.x
oracle / communications_element_manager - 9.0
oracle / communications_session_report_manager - 9.0
oracle / communications_session_route_manager - 9.0
apple / macos - 10.15.7
apple / mac_os_x 10.15.7-security_update_2020-001 10.15.7-security_update_2020-001.x
apple / mac_os_x 10.15.7-security_update_2021-001 10.15.7-security_update_2021-001.x
apple / mac_os_x 10.15.7-security_update_2021-002 10.15.7-security_update_2021-002.x
apple / mac_os_x 10.15.7 10.15.7.x
apple / mac_os_x 10.15.7-security_update_2021-003 10.15.7-security_update_2021-003.x
apple / mac_os_x 10.15.7-security_update_2021-004 10.15.7-security_update_2021-004.x
apple / mac_os_x 10.15.7-security_update_2021-005 10.15.7-security_update_2021-005.x
apple / mac_os_x 10.15.7-security_update_2021-006 10.15.7-security_update_2021-006.x
apple / mac_os_x 10.15.7-security_update_2021-008 10.15.7-security_update_2021-008.x
apple / mac_os_x 10.15.7-security_update_2021-007 10.15.7-security_update_2021-007.x
apple / mac_os_x 10.15.7-security_update_2022-002 10.15.7-security_update_2022-002.x
apple / mac_os_x 10.15.7-security_update_2022-001 10.15.7-security_update_2022-001.x
apple / macos 11.0 11.6.6
apple / mac_os_x 10.15.7-security_update_2022-003 10.15.7-security_update_2022-003.x
apple / macos 12.0.0 12.4