CVE-2013-4352
published 2014-07-20CVE-2013-4352: The cache_invalidate function in modules/cache/cache_storage.c in the mod_cache module in the Apache HTTP Server 2.4.6, when a caching forward proxy is…
medium4.3CVSS 3.1
AVNACMAuNCNINAP
The cache_invalidate function in modules/cache/cache_storage.c in the mod_cache module in the Apache HTTP Server 2.4.6, when a caching forward proxy is enabled, allows remote HTTP servers to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger a missing hostname value.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | http_server | — | — |
| apache | httpd | — | — |
| debian | apache2 | < apache2 2.4.7-1 (bookworm) | apache2 2.4.7-1 (bookworm) |
CVSS provenance
nvd4.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
osv4.3MEDIUM