CVE-2021-36160

Summary

A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive).

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationApache HTTP ServerApache HTTP Server 2.4 <= 2.4.48affected

Weaknesses

  • CWE-125: CWE-125 out of bound read

ADP Enrichment

CVE Program Container

Additional References

References