Critical Vulnerability in Apache HTTP Server

Published on 10 Jul 2024

Apache Software Foundation has released security updates to address a critical vulnerability (CVE-2024-39884) in their Apache HTTP Server. The vulnerability has a a Common Vulnerability Scoring System (CVSSv3) score of 9.1 out of 10.

Successful exploitation of the source code disclosure vulnerability could allow an unauthenticated attacker to access sensitive information from the servers.

The vulnerability affects Apache HTTP Server version 2.4.60.

Users and administrators of the affected product version are advised to update to the latest version immediately.

More information is available here: