- Description
- A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted. Users are recommended to upgrade to version 2.4.61, which fixes this issue.
- Source
- security@apache.org
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 6.2
- Impact score
- 3.6
- Exploitability score
- 2.5
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
- Hype score
- Not currently trending
[#KUSANAGI9 Updated!] KUSANAGI 9 Module Update KUSANAGI 9 modules have been updated. The updated modules are as follows: httpd 2.4.63-1 This update includes support for vulnerability(CVE-2024-39884). The module update... https://t.co/3N3MLMilDl #KUSANAGI #KUSANAGI9
@kusanagi_saya
29 Jan 2025
8 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
[#KUSANAGI9 Updated!] KUSANAGI 9モジュール更新情報 KUSANAGI 9 を構成している各モジュールのアップデートを行いました。 アップデートにより適用される各モジュールのバージョンは、以下のとおりとなります。 httpd 2.4.63-1 この更新には脆弱性(CVE-2024-39884)への対応が含まれます。… https://t.co/r8kFXrBGmu
@kusanagi_saya
29 Jan 2025
84 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
KUSANAGIモジュール更新情報 - 超高速CMS実行環境 KUSANAGI https://t.co/RL316n1172 httpd2.4.61-1に対応しました。 この更新には脆弱性(CVE-2024-39884)への対応が含まれます。 #KUSANAGI #WEXAL
@yoshihiro_oh
83 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes