64 行
1.9 KiB
JSON
64 行
1.9 KiB
JSON
{
|
|
"canonical_id": "apache-httpd--CVE-2021-41773",
|
|
"system_id": "apache-httpd",
|
|
"display_name": "Apache HTTP Server",
|
|
"category": "servers",
|
|
"advisory_mode": "server",
|
|
"title": "Apache HTTP Server Path Traversal Vulnerability",
|
|
"summary": "Apache HTTP Server contains a path traversal vulnerability that allows an attacker to perform remote code execution if files outside directories configured by Alias-like directives are not under default \ufffdrequire all denied\ufffd or if CGI scripts are enabled. The original patch issued under this CVE ID is insufficient, please review remediation information under CVE-2021-42013.",
|
|
"published_at": "2021-11-03",
|
|
"updated_at": "2021-11-17",
|
|
"severity": "critical",
|
|
"cvss_score": null,
|
|
"exploit_status": "known_exploited",
|
|
"source_confidence": "official",
|
|
"official_source_url": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json",
|
|
"secondary_source_urls": [],
|
|
"aliases": [
|
|
"CVE-2021-41773"
|
|
],
|
|
"cve_ids": [
|
|
"CVE-2021-41773"
|
|
],
|
|
"ghsa_ids": [],
|
|
"osv_ids": [],
|
|
"affected_versions": [],
|
|
"fixed_versions": [],
|
|
"package_name": null,
|
|
"render_markdown": false,
|
|
"case_path": null,
|
|
"secure_code_topics": [
|
|
"request-smuggling-boundary",
|
|
"proxy-trust-boundary",
|
|
"path-traversal-guard"
|
|
],
|
|
"status": "triage",
|
|
"triage_reasons": [
|
|
"missing affected/fixed version details"
|
|
],
|
|
"verification_status": "triage-manual",
|
|
"verification_mode": "synthetic",
|
|
"last_verified_at": null,
|
|
"last_run_id": null,
|
|
"evidence_bundle": null,
|
|
"historical_status": null,
|
|
"latest_status": null,
|
|
"browser_evidence": {
|
|
"required": false,
|
|
"present": false,
|
|
"refs": []
|
|
},
|
|
"repro_profile_id": "proxy-boundary-generic",
|
|
"artifact_mode": "official-image",
|
|
"blocked_reason": null,
|
|
"metadata": {
|
|
"source_names": [
|
|
"CISA KEV Apache HTTPD"
|
|
],
|
|
"source_kinds": [
|
|
"kev-json"
|
|
],
|
|
"candidate_count": 1
|
|
}
|
|
}
|