Apache HTTP Server is vulnerable to path traversal attacks. An attacker could use a path traversal attack to map URLs to the files outside of the document root are not protected by the “require all denied” directive in the Apache configuration file
jvn.jp/en/jp/JVN51106450/index.html
packetstormsecurity.com/files/164501/Apache-HTTP-Server-2.4.50-Path-Traversal-Code-Execution.html
packetstormsecurity.com/files/164609/Apache-HTTP-Server-2.4.50-Remote-Code-Execution.html
packetstormsecurity.com/files/164629/Apache-2.4.49-2.4.50-Traversal-Remote-Code-Execution.html
packetstormsecurity.com/files/164941/Apache-HTTP-Server-2.4.50-Remote-Code-Execution.html
packetstormsecurity.com/files/165089/Apache-HTTP-Server-2.4.50-CVE-2021-42013-Exploitation.html
packetstormsecurity.com/files/167397/Apache-2.4.50-Remote-Code-Execution.html
www.openwall.com/lists/oss-security/2021/10/07/6
www.openwall.com/lists/oss-security/2021/10/08/1
www.openwall.com/lists/oss-security/2021/10/08/2
www.openwall.com/lists/oss-security/2021/10/08/3
www.openwall.com/lists/oss-security/2021/10/08/4
www.openwall.com/lists/oss-security/2021/10/08/5
www.openwall.com/lists/oss-security/2021/10/08/6
www.openwall.com/lists/oss-security/2021/10/09/1
www.openwall.com/lists/oss-security/2021/10/11/4
www.openwall.com/lists/oss-security/2021/10/15/3
www.openwall.com/lists/oss-security/2021/10/16/1
httpd.apache.org/security/vulnerabilities_24.html
lists.apache.org/thread.html/r17a4c6ce9aff662efd9459e9d1850ab4a611cb23392fc68264c72cb3@%3Ccvs.httpd.apache.org%3E
lists.apache.org/thread.html/r7c795cd45a3384d4d27e57618a215b0ed19cb6ca8eb070061ad5d837@%3Cannounce.apache.org%3E
lists.apache.org/thread.html/rb5b0e46f179f60b0c70204656bc52fcb558e961cb4d06a971e9e3efb@%3Cusers.httpd.apache.org%3E
lists.fedoraproject.org/archives/list/[email protected]/message/RMIIEFINL6FUIOPD2A3M5XC6DH45Y3CC/
lists.fedoraproject.org/archives/list/[email protected]/message/WS5RVHOIIRECG65ZBTZY7IEJVWQSQPG3/
secdb.alpinelinux.org/edge/main.yaml
security.gentoo.org/glsa/202208-20
security.netapp.com/advisory/ntap-20211029-0009/
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-pathtrv-LAzg68cZ
www.oracle.com/security-alerts/cpuapr2022.html
www.oracle.com/security-alerts/cpujan2022.html
www.povilaika.com/apache-2-4-50-exploit/