Security information about Apache HTTP Serve
Posted at Wednesday, October 06, 2021
Apache HTTP Server 2.4.49 contains a path traversal vulnerability.
It seems that an attack that exploits this vulnerability has already been confirmed.
This vulnerability may allow files outside the document root to be ingested.
This vulnerability has been fixed in 2.4.50, so please update if you are using 2.4.49.
Apache HTTP Server 2.4 vulnerabilities - The Apache HTTP Server Project
(https://httpd.apache.org/security/vulnerabilities_24.html)