Vulnerabilities > CVE-2021-26691 - Out-of-bounds Write vulnerability in multiple products

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH

Summary

In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow

Vulnerable Configurations

Part Description Count
Application
Apache
46
Application
Oracle
10
Application
Netapp
1
OS
Debian
2
OS
Fedoraproject
2

Common Weakness Enumeration (CWE)

References