ГлавнаяУязвимости → CVE-2026-24072
8.8высокая

CVE-2026-24072

Описание

An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. Users are recommended to upgrade to version 2.4.67, which fixes this issue.

Затрагиваемое ПО
Apache Http server
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://httpd.apache.org/security/vulnerabilities_24.htmlhttp://www.openwall.com/lists/oss-security/2026/05/04/18