Apache HTTP Server 2.4.60 Regression Leads to Source Code Disclosure

CVE-2024-39884

Currently unrated 🤨

Key Information

Vendor: Apache
Status: Apache Http Server
Vendor: CVE Published:; 4 July 2024

Badges

📰 News Worthy

Summary

The Apache Foundation has addressed a critical source code disclosure vulnerability, tracked as CVE-2024-39884, in the HTTP Server. The vulnerability is caused by a regression in the handling of legacy content-type configurations, resulting in source code disclosure of local content, such as PHP scripts. Users are recommended to upgrade to version 2.4.61 to address this issue.

Affected Version(s)

Apache HTTP Server = 2.4.60

News Articles

Security Affairs

CVE-2024-39884

Apache fixed a source code disclosure flaw in Apache HTTP Server

The Apache Foundation addressed a source code disclosure vulnerability, tracked as CVE-2024-39884, in the Apache HTTP Server.

2 months ago

Timeline

First article discovered by Security Affairs
Jul 7, 2024
Vulnerability published.
Jul 4, 2024
Vulnerability Reserved.
Jul 1, 2024
reported
Jul 1, 2024

Collectors

NVD DatabaseMitre Database1 News Article(s)