Lucene search
Alpine Linux Development TeamALPINE:CVE-2021-41524HistoryOct 05, 2021 - 9:15 a.m.
CVE-2021-41524
2021-10-0509:15:00
Alpine Linux Development Team
security.alpinelinux.org
22
0.006 Low
EPSS
Percentile
78.7%
While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request processing, allowing an external source to DoS the server. This requires a specially crafted request. The vulnerability was recently introduced in version 2.4.49. No exploit is known to the project.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | edge-main | noarch | apache2 | < 2.4.50-r0 | UNKNOWN |
| Alpine | 3.11-main | noarch | apache2 | < 2.4.50-r0 | UNKNOWN |
| Alpine | 3.12-main | noarch | apache2 | < 2.4.50-r0 | UNKNOWN |
| Alpine | 3.13-main | noarch | apache2 | < 2.4.50-r0 | UNKNOWN |
| Alpine | 3.14-main | noarch | apache2 | < 2.4.50-r0 | UNKNOWN |
| Alpine | 3.15-main | noarch | apache2 | < 2.4.50-r0 | UNKNOWN |
| Alpine | 3.16-main | noarch | apache2 | < 2.4.50-r0 | UNKNOWN |
| Alpine | 3.17-main | noarch | apache2 | < 2.4.50-r0 | UNKNOWN |
| Alpine | 3.18-main | noarch | apache2 | < 2.4.50-r0 | UNKNOWN |
| Alpine | 3.19-main | noarch | apache2 | < 2.4.50-r0 | UNKNOWN |
Related
osv
osv
CVE-2021-41524
2021-10-05 09:15:07
BIT-apache-2021-41524
2024-03-06 10:54:53
cvelist
cvelist
CVE-2021-41524 null pointer dereference in h2 fuzzing
2021-10-05 08:40:11
httpd
httpd
Apache Httpd < 2.4.50 : null pointer dereference in h2 fuzzing
2021-10-04 00:00:00
prion
prion
Null pointer dereference
2021-10-05 09:15:00
f5
f5
K56331254 : Apache HTTP server vulnerability CVE-2021-41524
2021-11-05 00:00:00
veracode
veracode
Denial Of Service (DoS)
2021-10-06 09:50:40
ubuntucve
ubuntucve
CVE-2021-41524
2021-10-05 00:00:00
cbl_mariner
cbl_mariner
CVE-2021-41524 affecting package httpd 2.4.49-1
2021-10-15 04:46:31
cve
cve
CVE-2021-41524
2021-10-05 09:15:00
cnvd
cnvd
Apache HTTP Server Denial of Service Vulnerability (CNVD-2022-09237)
2021-10-10 00:00:00
redhatcve
redhatcve
CVE-2021-41524
2021-10-05 17:08:31
debiancve
debiancve
CVE-2021-41524
2021-10-05 09:15:00
nessus
nessus
Apache 2.4.49 < 2.4.50 Multiple Vulnerabilities
2021-10-06 00:00:00
Apache 2.4.49 < 2.4.50 Multiple Vulnerabilities
2021-10-05 00:00:00
openvas
openvas
Apache HTTP Server 2.4.49 Multiple Vulnerabilities - Linux
2021-10-05 00:00:00
Slackware: Security Advisory (SSA:2021-278-01)
2022-04-21 00:00:00
Mageia: Security Advisory (MGASA-2021-0461)
2022-01-28 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: httpd-2.4.50-1.fc34
2021-10-07 17:19:23
[SECURITY] Fedora 35 Update: httpd-2.4.50-1.fc35
2021-10-29 23:19:42
mageia
mageia
Updated apache packages fix security vulnerabilities
2021-10-06 17:38:41
hivepro
hivepro
Multiple vulnerabilities have been discovered in the Apache HTTP Server
2021-10-06 08:57:02
altlinux
altlinux
Security fix for the ALT Linux 10 package apache2 version 1:2.4.50-alt1
2021-10-07 00:00:00
Security fix for the ALT Linux 9 package apache2 version 1:2.4.50-alt1
2021-10-07 00:00:00
thn
thn
Apache Warns of Zero-Day Exploit in the Wild — Patch Your Web Servers Now!
2021-10-05 14:53:00
freebsd
freebsd
Apache httpd -- Multiple vulnerabilities
2021-10-05 00:00:00
slackware
slackware
[slackware-security] httpd
2021-10-06 01:14:05
kaspersky
kaspersky
KLA12371 Multiple vulnerabilities in Apache HTTP Server
2021-10-04 00:00:00
malwarebytes
malwarebytes
[Updated, again] Apache fixes zero-day vulnerability in HTTP Server
2021-10-06 14:23:08
photon
photon
Critical Photon OS Security Update - PHSA-2021-0118
2021-10-19 00:00:00
Critical Photon OS Security Update - PHSA-2021-4.0-0118
2021-10-20 00:00:00
cisco
cisco
Apache HTTP Server Vulnerabilities: October 2021
2021-10-07 16:00:00
redhat
redhat
amazon
amazon
Important: httpd24
2021-10-15 07:52:00
Important: httpd
2021-10-15 07:57:00
gentoo
gentoo
Apache HTTPD: Multiple Vulnerabilities
2022-08-14 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2022
2022-01-18 00:00:00