Lucene search
OracleLinuxELSA-2021-3856HistoryOct 14, 2021 - 12:00 a.m.
httpd security update
2021-10-1400:00:00
linux.oracle.com
54
0.974 High
EPSS
Percentile
99.9%
[2.4.6-97.0.1.1]
- replace index.html with Oracle’s index page oracle_index.html
[2.4.6-97.1] - Resolves: #2011729 - CVE-2021-40438 httpd: mod_proxy: SSRF via a crafted
request uri-path containing ‘unix:’
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 7 | src | httpd | < 2.4.6-97.0.1.el7_9.1 | httpd-2.4.6-97.0.1.el7_9.1.src.rpm |
| oracle linux | 7 | aarch64 | httpd | < 2.4.6-97.0.1.el7_9.1 | httpd-2.4.6-97.0.1.el7_9.1.aarch64.rpm |
| oracle linux | 7 | aarch64 | httpd-devel | < 2.4.6-97.0.1.el7_9.1 | httpd-devel-2.4.6-97.0.1.el7_9.1.aarch64.rpm |
| oracle linux | 7 | noarch | httpd-manual | < 2.4.6-97.0.1.el7_9.1 | httpd-manual-2.4.6-97.0.1.el7_9.1.noarch.rpm |
| oracle linux | 7 | aarch64 | httpd-tools | < 2.4.6-97.0.1.el7_9.1 | httpd-tools-2.4.6-97.0.1.el7_9.1.aarch64.rpm |
| oracle linux | 7 | aarch64 | mod_ldap | < 2.4.6-97.0.1.el7_9.1 | mod_ldap-2.4.6-97.0.1.el7_9.1.aarch64.rpm |
| oracle linux | 7 | aarch64 | mod_proxy_html | < 2.4.6-97.0.1.el7_9.1 | mod_proxy_html-2.4.6-97.0.1.el7_9.1.aarch64.rpm |
| oracle linux | 7 | aarch64 | mod_session | < 2.4.6-97.0.1.el7_9.1 | mod_session-2.4.6-97.0.1.el7_9.1.aarch64.rpm |
| oracle linux | 7 | aarch64 | mod_ssl | < 2.4.6-97.0.1.el7_9.1 | mod_ssl-2.4.6-97.0.1.el7_9.1.aarch64.rpm |
| oracle linux | 7 | src | httpd | < 2.4.6-97.0.1.el7_9.1 | httpd-2.4.6-97.0.1.el7_9.1.src.rpm |
Related
cisa_kev
cisa_kev
Apache HTTP Server-Side Request Forgery (SSRF)
2021-12-01 00:00:00
osv
osv
BIT-apache-2021-40438
2024-03-06 10:55:02
httpd:2.4 bug fix update
2021-11-10 09:00:43
CVE-2021-40438
2021-09-16 15:15:07
nessus
nessus
RHEL 7 : httpd24-httpd (RHSA-2021:3754)
2021-10-12 00:00:00
Oracle Linux 7 : httpd (ELSA-2021-3856)
2021-10-15 00:00:00
Apache < 2.4.49 Multiple Vulnerabilities
2021-09-23 00:00:00
ibm
ibm
Security Bulletin: Apache HTTP Server as used in IBM QRadar SIEM is vulnerable to server-side request forgery (SSRF) (CVE-2021-40438)
2021-12-20 21:02:58
redhat
redhat
(RHSA-2021:3746) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP9 security update
2021-10-07 13:31:45
(RHSA-2021:3836) Important: httpd:2.4 security update
2021-10-13 07:08:32
(RHSA-2021:3856) Important: httpd security update
2021-10-14 08:00:40
cnvd
cnvd
Apache HTTP Server mod_proxy server-side request forgery vulnerability
2021-09-18 00:00:00
f5
f5
K01552024 : Apache vulnerability CVE-2021-40438
2021-10-21 00:00:00
centos
centos
httpd, mod_ldap, mod_proxy_html, mod_session, mod_ssl security update
2021-11-17 14:59:00
githubexploit
githubexploit
Exploit for Server-Side Request Forgery in Apache Http Server
2023-12-12 11:56:23
Exploit for Server-Side Request Forgery in Apache Http Server
2022-04-03 15:24:24
Exploit for Server-Side Request Forgery in Apache Http Server
2024-05-19 11:04:58
openvas
openvas
CentOS: Security Advisory for httpd (CESA-2021:3856)
2021-11-18 00:00:00
Debian: Security Advisory (DLA-2776-1)
2021-10-03 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:3299-1)
2021-10-07 00:00:00
checkpoint_advisories
checkpoint_advisories
Apache HTTP Server Server-Side Request Forgery (CVE-2021-40438)
2021-10-18 00:00:00
rocky
rocky
2.4 bug fix update
2021-11-10 09:00:43
httpd:2.4 security update
2021-10-12 15:53:03
httpd:2.4 security update
2021-11-09 19:25:44
prion
prion
Design/Logic Flaw
2021-09-16 15:15:00
Design/Logic Flaw
2022-02-18 18:15:00
redhatcve
redhatcve
CVE-2021-40438
2021-09-16 20:45:58
CVE-2021-20325
2021-11-09 09:06:32
debiancve
debiancve
CVE-2021-40438
2021-09-16 15:15:07
CVE-2021-20325
2022-02-18 18:15:09
rapid7blog
rapid7blog
Active Exploitation of Apache HTTP Server CVE-2021-40438
2021-11-30 17:38:53
alpinelinux
alpinelinux
CVE-2021-40438
2021-09-16 15:15:07
cbl_mariner
cbl_mariner
CVE-2021-40438 affecting package httpd for versions less than 2.4.52-1
2022-04-09 06:51:57
CVE-2021-40438 affecting package httpd 2.4.46-6
2021-10-15 04:46:31
cvelist
cvelist
CVE-2021-40438 mod_proxy SSRF
2021-09-16 14:40:23
CVE-2021-20325
2022-02-18 17:50:47
ubuntucve
ubuntucve
CVE-2021-40438
2021-09-16 00:00:00
CVE-2021-20325
2022-02-18 00:00:00
httpd
httpd
Apache Httpd < 2.4.49 : mod_proxy SSRF
2021-09-16 00:00:00
almalinux
almalinux
httpd:2.4 bug fix update
2021-11-10 09:00:43
Important: httpd:2.4 security update
2021-10-12 15:53:03
Important: httpd:2.4 security update
2021-11-09 19:25:44
veracode
veracode
Cross-Site Request Forgery (CSRF)
2021-09-20 12:57:14
hackerone
hackerone
Acronis: CVE-2021-40438 on cp-eu2.acronis.com
2021-10-15 05:46:15
nuclei
nuclei
Apache <= 2.4.48 Mod_Proxy - Server-Side Request Forgery
2021-10-14 19:59:52
nvd
nvd
CVE-2021-40438
2021-09-16 15:15:07
CVE-2021-20325
2022-02-18 18:15:09
cve
cve
CVE-2021-40438
2021-09-16 15:15:07
CVE-2021-20325
2022-02-18 18:15:09
oraclelinux
oraclelinux
httpd:2.4 security update
2021-10-13 00:00:00
attackerkb
attackerkb
CVE-2021-40438
2021-09-16 00:00:00
ubuntu
ubuntu
Apache HTTP Server vulnerabilities
2021-09-27 00:00:00
Apache HTTP Server regression
2021-09-28 00:00:00
Apache HTTP Server regression
2021-09-28 00:00:00
debian
debian
[SECURITY] [DLA 2776-1] apache2 security update
2021-10-02 16:07:56
[SECURITY] [DSA 4982-1] apache2 security update
2021-10-08 20:56:04
ics
ics
Siemens Apache HTTP Server (Update A)
2022-10-13 12:00:00
2022 Top Routinely Exploited Vulnerabilities
2023-08-03 12:00:00
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2021-1.0-0437
2021-10-01 00:00:00
Critical Photon OS Security Update - PHSA-2021-0309
2021-10-01 00:00:00
Critical Photon OS Security Update - PHSA-2021-0437
2021-10-01 00:00:00
suse
suse
Security update for apache2 (important)
2021-10-26 00:00:00
Security update for apache2 (important)
2021-11-02 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package apache2 version 1:2.4.49-alt1
2021-10-04 00:00:00
Security fix for the ALT Linux 9 package apache2 version 1:2.4.49-alt1
2021-09-23 00:00:00
trellix
trellix
The Bug Report – October Edition
2021-11-02 00:00:00
The Bug Report – October Edition
2021-11-02 00:00:00
freebsd
freebsd
Apache httpd -- multiple vulnerabilities
2021-09-16 00:00:00
mageia
mageia
Updated apache packages fix security vulnerability
2021-09-23 07:49:29
cisco
cisco
kaspersky
kaspersky
KLA12370 Multiple vulnerabilities in Apache HTTP Server
2021-09-16 00:00:00
slackware
slackware
[slackware-security] httpd
2021-09-17 04:22:20
cisa
cisa
CISA Adds Five Known Exploited Vulnerabilities to Catalog
2021-12-01 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2158
2023-04-25 11:30:17
Advisory ROSA-SA-2023-2160
2023-04-25 12:02:31
amazon
amazon
Important: httpd
2021-10-15 07:57:00
Important: httpd24
2021-10-15 07:52:00
fedora
fedora
[SECURITY] Fedora 35 Update: httpd-2.4.49-1.fc35
2021-09-24 20:56:12
[SECURITY] Fedora 34 Update: httpd-2.4.49-1.fc34
2021-09-20 13:58:04
gentoo
gentoo
Apache HTTPD: Multiple Vulnerabilities
2022-08-14 00:00:00