Buffer Underwrite vulnerability in Apache HTTP Server on crafted regular expressions in the configuration.
This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67.
Users are recommended to upgrade to version 2.4.68, which fixes the issue.
The product writes to a buffer using an index or pointer that references a memory location prior to the beginning of the buffer.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Http_server | Apache | 2.4.0 (including) | 2.4.68 (excluding) |
| Red Hat Enterprise Linux 10 | RedHat | httpd-0:2.4.63-13.el10_2.4 | * |
| Apache2 | Ubuntu | devel | * |
| Apache2 | Ubuntu | upstream | * |