CVE-2021-40438: Apache HTTP Server-Side Request Forgery (SSRF). A crafted

Apache HTTP Server-Side Request Forgery (SSRF). A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.

• CISA KEV-listed (remediation due 2021-12-15)
• EPSS 94.4% (100.0% percentile)

Browse the CVE database

Read the full analysis on IntelFusions