CVE List


Moderate 5.3

A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes ('/'), directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing will implicitly collapse them.

Published June 12, 2019.

Affected software

Canonical Ubuntu Linux

Apache HTTP Server

Debian Debian Linux

Fedoraproject Fedora

Opensuse Leap

Reference links

Sign Up for Alerts