DEBIAN-CVE-2019-10098

DEBIAN-CVE-2019-10098 PUBLISHED CVSS 6.099999904632568 MEDIUM

In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an unexpected URL within the request URL.

Risk Scores

CVSS 3.1

6.099999904632568

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Affected Products

Vendor	Product	Versions
Debian:14	apache2	0, 0, 0
Debian:13	apache2	0, 0, 0
Debian:12	apache2	0, 0, 0
Debian:11	apache2	0, 0, 0
Apache	httpd

Exploit Intelligence

Nuclei Template: CVE-2019-10098 (nuclei-template)

Timeline

Sep 25, 2019 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2019-10098 advisory

Open in Interactive Console →