THREAT OPS › CVEs › CVE-2021-40438
CVE-2021-40438 — Apache HTTP Server-Side Request Forgery (SSRF)
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.
Vulnerability details
- Affected productsApache
- KEV remediation due2021-12-15