Improper Input Validation
CVE-2024-39573
Summary
Potential SSRF in mod_rewrite in Apache HTTP Server of the package httpd versions through 2.4.59, 2.5.0-alpha, and 2.5.0-alpha2-ci-test-only, allows an attacker to cause unsafe "RewriteRules" to unexpectedly setup URL's to be handled by "mod_proxy".
- LOW
- NETWORK
- NONE
- UNCHANGED
- NONE
- NONE
- HIGH
- NONE
CWE-20 - Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Advisory Timeline
- Published
