For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat7x86_64httpd-debuginfo< 2.4.6-97.el7_9.1httpd-debuginfo-2.4.6-97.el7_9.1.x86_64.rpm
RedHat7ppc64httpd< 2.4.6-97.el7_9.1httpd-2.4.6-97.el7_9.1.ppc64.rpm
RedHat7x86_64httpd-devel< 2.4.6-97.el7_9.1httpd-devel-2.4.6-97.el7_9.1.x86_64.rpm
RedHat7ppc64httpd-devel< 2.4.6-97.el7_9.1httpd-devel-2.4.6-97.el7_9.1.ppc64.rpm
RedHat7ppc64httpd-debuginfo< 2.4.6-97.el7_9.1httpd-debuginfo-2.4.6-97.el7_9.1.ppc64.rpm
RedHat7ppc64lehttpd-debuginfo< 2.4.6-89.el7_6.2httpd-debuginfo-2.4.6-89.el7_6.2.ppc64le.rpm
RedHat7x86_64mod_ldap< 2.4.6-67.el7_4.7mod_ldap-2.4.6-67.el7_4.7.x86_64.rpm
RedHat7ppc64mod_proxy_html< 2.4.6-97.el7_9.1mod_proxy_html-2.4.6-97.el7_9.1.ppc64.rpm
RedHat7ppc64httpd-tools< 2.4.6-97.el7_9.1httpd-tools-2.4.6-97.el7_9.1.ppc64.rpm
RedHat7ppc64lehttpd< 2.4.6-89.el7_6.2httpd-2.4.6-89.el7_6.2.ppc64le.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	7	x86_64	httpd-debuginfo	< 2.4.6-97.el7_9.1	httpd-debuginfo-2.4.6-97.el7_9.1.x86_64.rpm
RedHat	7	ppc64	httpd	< 2.4.6-97.el7_9.1	httpd-2.4.6-97.el7_9.1.ppc64.rpm
RedHat	7	x86_64	httpd-devel	< 2.4.6-97.el7_9.1	httpd-devel-2.4.6-97.el7_9.1.x86_64.rpm
RedHat	7	ppc64	httpd-devel	< 2.4.6-97.el7_9.1	httpd-devel-2.4.6-97.el7_9.1.ppc64.rpm
RedHat	7	ppc64	httpd-debuginfo	< 2.4.6-97.el7_9.1	httpd-debuginfo-2.4.6-97.el7_9.1.ppc64.rpm
RedHat	7	ppc64le	httpd-debuginfo	< 2.4.6-89.el7_6.2	httpd-debuginfo-2.4.6-89.el7_6.2.ppc64le.rpm
RedHat	7	x86_64	mod_ldap	< 2.4.6-67.el7_4.7	mod_ldap-2.4.6-67.el7_4.7.x86_64.rpm
RedHat	7	ppc64	mod_proxy_html	< 2.4.6-97.el7_9.1	mod_proxy_html-2.4.6-97.el7_9.1.ppc64.rpm
RedHat	7	ppc64	httpd-tools	< 2.4.6-97.el7_9.1	httpd-tools-2.4.6-97.el7_9.1.ppc64.rpm
RedHat	7	ppc64le	httpd	< 2.4.6-89.el7_6.2	httpd-2.4.6-89.el7_6.2.ppc64le.rpm

Rows per page:

1-10 of 941

nessus 57

oraclelinux 2

openvas 33

f5 1

githubexploit 8

centos 1

redhat 8

cnvd 1

cisa_kev 1

osv 13

ibm 12

alpinelinux 1

cbl_mariner 2

debiancve 2

redhatcve 2

cvelist 2

zdi 1

rapid7blog 1

rocky 3

prion 2

checkpoint_advisories 1

ubuntucve 2

nuclei 1

hackerone 1

almalinux 3

veracode 1

httpd 1

cve 2

nvd 2

attackerkb 1

ubuntu 4

debian 2

ics 1

suse 2

photon 5

altlinux 2

trellix 2

mageia 1

freebsd 1

cisco 1

slackware 1

kaspersky 1

cisa 1

rosalinux 2

amazon 2

fedora 2

gentoo 1

nessus

Apache < 2.4.49 Multiple Vulnerabilities

2021-09-23 00:00:00

RHEL 8 : httpd:2.4 (RHSA-2021:3837)

2021-10-13 00:00:00

RHEL 7 : httpd24-httpd (RHSA-2021:3754)

2021-10-12 00:00:00

oraclelinux

httpd security update

2021-10-14 00:00:00

httpd:2.4 security update

2021-10-13 00:00:00

openvas

CentOS: Security Advisory for httpd (CESA-2021:3856)

2021-11-18 00:00:00

SUSE: Security Advisory (SUSE-SU-2021:3299-1)

2021-10-07 00:00:00

Debian: Security Advisory (DLA-2776-1)

2021-10-03 00:00:00

K01552024 : Apache vulnerability CVE-2021-40438

2021-10-21 00:00:00

githubexploit

Exploit for Server-Side Request Forgery in Apache Http Server

2023-12-12 11:56:23

Exploit for Server-Side Request Forgery in Apache Http Server

2022-04-03 15:24:24

Exploit for Server-Side Request Forgery in Apache Http Server

2021-11-11 19:51:45

centos

httpd, mod_ldap, mod_proxy_html, mod_session, mod_ssl security update

2021-11-17 14:59:00

redhat

(RHSA-2021:3745) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP9 security update

2021-10-07 13:31:42

(RHSA-2021:3836) Important: httpd:2.4 security update

2021-10-13 07:08:32

(RHSA-2021:3746) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP9 security update

2021-10-07 13:31:45

cnvd

Apache HTTP Server mod_proxy server-side request forgery vulnerability

2021-09-18 00:00:00

cisa_kev

Apache HTTP Server-Side Request Forgery (SSRF)

2021-12-01 00:00:00

osv

BIT-apache-2021-40438

2024-03-06 10:55:02

CVE-2021-40438

2021-09-16 15:15:07

httpd:2.4 bug fix update

2021-11-10 09:00:43

ibm

Security Bulletin: Apache HTTP Server as used in IBM QRadar SIEM is vulnerable to server-side request forgery (SSRF) (CVE-2021-40438)

2021-12-20 21:02:58

Security Bulletin: IBM Aspera Orchestrator vulnerable to server-side request forgery due to Apache HTTP Server vulnerability (CVE-2021-40438)

2023-02-02 17:18:50

Security Bulletin: IBM Aspera Faspex 4.4.1 and earlier has addressed an Apache vulnerabilitiy (CVE-2021-40438)

2022-09-07 23:29:54

alpinelinux

CVE-2021-40438

2021-09-16 15:15:07

cbl_mariner

CVE-2021-40438 affecting package httpd for versions less than 2.4.52-1

2022-04-09 06:51:57

CVE-2021-40438 affecting package httpd 2.4.46-6

2021-10-15 04:46:31

debiancve

CVE-2021-40438

2021-09-16 15:15:07

CVE-2021-20325

2022-02-18 18:15:09

redhatcve

CVE-2021-40438

2021-09-16 20:45:58

CVE-2021-20325

2021-11-09 09:06:32

cvelist

CVE-2021-40438 mod_proxy SSRF

2021-09-16 14:40:23

CVE-2021-20325

2022-02-18 17:50:47

zdi

Hewlett Packard Enterprise OneView Apache Server-Side Request Forgery Vulnerability

2024-06-18 00:00:00

rapid7blog

Active Exploitation of Apache HTTP Server CVE-2021-40438

2021-11-30 17:38:53

rocky

2.4 bug fix update

2021-11-10 09:00:43

httpd:2.4 security update

2021-10-12 15:53:03

httpd:2.4 security update

2021-11-09 19:25:44

prion

Design/Logic Flaw

2021-09-16 15:15:00

Design/Logic Flaw

2022-02-18 18:15:00

checkpoint_advisories

Apache HTTP Server Server-Side Request Forgery (CVE-2021-40438)

2021-10-18 00:00:00

ubuntucve

CVE-2021-40438

2021-09-16 00:00:00

CVE-2021-20325

2022-02-18 00:00:00

nuclei

Apache <= 2.4.48 Mod_Proxy - Server-Side Request Forgery

2021-10-14 19:59:52

hackerone

Acronis: CVE-2021-40438 on cp-eu2.acronis.com

2021-10-15 05:46:15

almalinux

httpd:2.4 bug fix update

2021-11-10 09:00:43

Important: httpd:2.4 security update

2021-10-12 15:53:03

Important: httpd:2.4 security update

2021-11-09 19:25:44

veracode

Cross-Site Request Forgery (CSRF)

2021-09-20 12:57:14

httpd

Apache Httpd < 2.4.49 : mod_proxy SSRF

2021-09-16 00:00:00

cve

CVE-2021-40438

2021-09-16 15:15:07

CVE-2021-20325

2022-02-18 18:15:09

nvd

CVE-2021-40438

2021-09-16 15:15:07

CVE-2021-20325

2022-02-18 18:15:09

attackerkb

CVE-2021-40438

2021-09-16 00:00:00

ubuntu

Apache HTTP Server vulnerabilities

2021-09-27 00:00:00

Apache HTTP Server regression

2021-09-28 00:00:00

Apache HTTP Server regression

2021-09-28 00:00:00

debian

[SECURITY] [DLA 2776-1] apache2 security update

2021-10-02 16:07:56

[SECURITY] [DSA 4982-1] apache2 security update

2021-10-08 20:56:04

ics

Siemens Apache HTTP Server (Update A)

2022-10-13 12:00:00

suse

Security update for apache2 (important)

2021-10-26 00:00:00

Security update for apache2 (important)

2021-11-02 00:00:00

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-1.0-0437

2021-10-01 00:00:00

Critical Photon OS Security Update - PHSA-2021-0309

2021-10-01 00:00:00

Critical Photon OS Security Update - PHSA-2021-3.0-0309

2021-10-02 00:00:00

altlinux

Security fix for the ALT Linux 10 package apache2 version 1:2.4.49-alt1

2021-10-04 00:00:00

Security fix for the ALT Linux 9 package apache2 version 1:2.4.49-alt1

2021-09-23 00:00:00

trellix

The Bug Report – October Edition

2021-11-02 00:00:00

The Bug Report – October Edition

2021-11-02 00:00:00

mageia

Updated apache packages fix security vulnerability

2021-09-23 07:49:29

freebsd

Apache httpd -- multiple vulnerabilities

2021-09-16 00:00:00

cisco

Multiple Vulnerabilities in Apache HTTP Server Affecting Cisco Products: November 2021

2021-11-24 16:00:00

slackware

[slackware-security] httpd

2021-09-17 04:22:20

kaspersky

KLA12370 Multiple vulnerabilities in Apache HTTP Server

2021-09-16 00:00:00

cisa

CISA Adds Five Known Exploited Vulnerabilities to Catalog

2021-12-01 00:00:00

rosalinux

Advisory ROSA-SA-2023-2158

2023-04-25 11:30:17

Advisory ROSA-SA-2023-2160

2023-04-25 12:02:31

amazon

Important: httpd

2021-10-15 07:57:00

Important: httpd24

2021-10-15 07:52:00

fedora

[SECURITY] Fedora 35 Update: httpd-2.4.49-1.fc35

2021-09-24 20:56:12

[SECURITY] Fedora 34 Update: httpd-2.4.49-1.fc34

2021-09-20 13:58:04

gentoo

Apache HTTPD: Multiple Vulnerabilities

2022-08-14 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.971 High

EPSS

Percentile

99.8%

JSON

Related for RHSA-2021:3856