Vulnerabilities > CVE-2021-26690 - NULL Pointer Dereference vulnerability in multiple products

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH

Summary

Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service

Vulnerable Configurations

Part Description Count
Application
Apache
46
Application
Oracle
5
OS
Debian
2
OS
Fedoraproject
2

Common Weakness Enumeration (CWE)

References