VDB

DEBIAN-CVE-2021-36160

DEBIAN-CVE-2021-36160 PUBLISHED CVSS 7.5 HIGH

A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive).

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Debian:12apache20, 0, 0
Debian:13apache20, 0, 0
Debian:14apache20, 0, 0
Debian:12uwsgi2.0.31-4, 2.0.31-3, 2.0.31-2
Debian:11apache22.4.49-2, 0, 2.4.48-3.1
Debian:14uwsgi0, 2.0.30-1, 2.0.31-3
Debian:13uwsgi0, 2.0.28-9, 2.0.29-1
Debian:11uwsgi2.0.28-5, 2.0.28-8, 2.0.21-6

Timeline

  • Sep 16, 2021 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›