First published: Tue Apr 02 2019(Updated: )
Apache HTTP Server, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute code with the privileges of the parent process (usually root) by manipulating the scoreboard.
Credit: security@apache.org security@apache.org
Affected Software | Affected Version | How to fix |
---|---|---|
Apache HTTP server | >=2.4.17<=2.4.38 | |
Fedoraproject Fedora | =29 | |
Fedoraproject Fedora | =30 | |
Canonical Ubuntu Linux | =14.04 | |
Canonical Ubuntu Linux | =16.04 | |
Canonical Ubuntu Linux | =18.04 | |
Canonical Ubuntu Linux | =18.10 | |
Debian Debian Linux | =9.0 | |
openSUSE Leap | =15.0 | |
openSUSE Leap | =42.3 | |
Apache HTTP server | ||
ubuntu/apache2 | <2.4.29-1ubuntu4.6 | 2.4.29-1ubuntu4.6 |
ubuntu/apache2 | <2.4.34-1ubuntu2.1 | 2.4.34-1ubuntu2.1 |
ubuntu/apache2 | <2.4.18-2ubuntu3.10 | 2.4.18-2ubuntu3.10 |
debian/apache2 | 2.4.59-1~deb11u1 2.4.59-1~deb12u1 2.4.59-2 2.4.60-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-0211 is a vulnerability in Apache HTTP Server that allows code execution with escalated privileges.
Apache HTTP Server versions 2.4.17 to 2.4.38 are affected.
CVE-2019-0211 has a severity rating of high.
Update Apache HTTP Server to version 2.4.39 or later to fix the vulnerability.
You can find more information about CVE-2019-0211 on the Apache HTTP Server security page.