| Package | apache2 |
|---|---|
| Version | 2.4.25-3+deb9u20 (stretch) |
| Related CVEs | CVE-2024-38473 |
apache2 a popular webserver was affected by a vulnerability.
Encoding problem allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentication via crafted requests.
For Debian 9 stretch, these problems have been fixed in version 2.4.25-3+deb9u20.
We recommend that you upgrade your apache2 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.