PT-2026-47320 · Apache · Apache Http Server
Published
2026-06-08
·
Updated
2026-06-08
·
CVE-2026-42536
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Apache HTTP Server versions 2.4.0 through 2.4.67
Description
A heap-based buffer overflow occurs when processing untrusted content using the
mod xml2enc module and the xml2StartParse() function. A heap-based buffer overflow is a memory corruption issue where data exceeds the allocated boundary of a buffer on the heap, potentially leading to crashes or arbitrary code execution.Recommendations
Upgrade to version 2.4.68.
Fix
DoS
Heap Based Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Apache Http Server