PT-2026-47317 · Apache · Apache Http Server
Arkadi Vainbrand +1 · Published 2026-06-08 · Updated 2026-06-08
CVE-2026-34356
CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Apache HTTP Server versions 2.4.0 through 2.4.67
Description
A heap-based buffer overflow occurs when interacting with malicious backend servers using ProxyPassReverseCookie*. A heap-based buffer overflow is a memory corruption issue where data exceeds the allocated boundary of a buffer on the heap, potentially leading to crashes or arbitrary code execution.
Recommendations
Upgrade to version 2.4.68.
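To prioritize the upgrade, the following added example (not part of the original advisory or of Apache's code) checks whether a host is in the affected version range and has an active ProxyPassReverseCookieDomain or ProxyPassReverseCookiePath directive. The function names, result labels and sample input are assumptions made for illustration; the check trusts the version banner and does not follow Include'd files.

```python
import re

# Affected range as stated on this page: 2.4.0 through 2.4.67 (fixed in 2.4.68).
AFFECTED_MIN, AFFECTED_MAX = (2, 4, 0), (2, 4, 67)
# mod_proxy directives covered by "ProxyPassReverseCookie*".
DIRECTIVE_RE = re.compile(
    r"^\s*(ProxyPassReverseCookie(?:Domain|Path))\b(.*)$", re.IGNORECASE)
VERSION_RE = re.compile(r"Apache/(\d+)\.(\d+)\.(\d+)")

def parse_version(banner):
    """Extract (major, minor, patch) from `httpd -v` output or a Server header."""
    m = VERSION_RE.search(banner)
    return tuple(int(x) for x in m.groups()) if m else None

def version_affected(banner):
    v = parse_version(banner)
    return v is not None and AFFECTED_MIN <= v <= AFFECTED_MAX

def find_cookie_rewrites(config_text):
    """Return (line_number, directive, arguments) for each uncommented directive."""
    hits = []
    for n, line in enumerate(config_text.splitlines(), 1):
        if line.lstrip().startswith("#"):
            continue  # commented-out directives are inactive
        m = DIRECTIVE_RE.match(line)
        if m:
            hits.append((n, m.group(1), m.group(2).strip()))
    return hits

def assess(banner, config_text):
    """Hypothetical triage labels: exposed / affected-version-directive-unused / not-affected-version."""
    hits = find_cookie_rewrites(config_text)
    if not version_affected(banner):
        return "not-affected-version", hits
    return ("exposed" if hits else "affected-version-directive-unused"), hits

# Constructed sample input (not from a real host).
SAMPLE_BANNER = "Server version: Apache/2.4.62 (Unix)"
SAMPLE_CONF = """\
ProxyPass "/app/" "http://backend.example.internal:8080/"
ProxyPassReverse "/app/" "http://backend.example.internal:8080/"
# ProxyPassReverseCookiePath "/" "/old/"
ProxyPassReverseCookieDomain "backend.example.internal" "www.example.com"
ProxyPassReverseCookiePath "/" "/app/"
"""

if __name__ == "__main__":
    print(assess(SAMPLE_BANNER, SAMPLE_CONF))
```

Hosts reported as "exposed" whose proxied backends are not fully under the operator's control are the ones to upgrade first.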
Fix
DoS
Heap Based Buffer Overflow
Affected Products
Apache Http Server