Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Apache>
  3. Users
CVE-2033-44487
briansouthern24 at gmail
Oct 19, 2023, 4:30 PM
Post #1 of 2 (81 views)
Permalink
Has anyone been able to definitively determine if Apache HTTP 2.4.53 is
vulnerable to CVE-2023-44487? I've found forums where users and apparent
sysadmins indicate it may be, however the only reference to this CVE I've
been able to locate on Apache.org is as a comment made within another CVE
vulnerability fix report.

thank you.
Re: CVE-2033-44487 [ In reply to ]
thumbs at apache
Oct 20, 2023, 9:48 AM
Post #2 of 2 (79 views)
Permalink
Yes, you need to upgrade to 2.4.58, and make sure your system has nghttp2
.57 installed.

On Thu, Oct 19, 2023 at 7:31?PM Brian Southern <briansouthern24@gmail.com>
wrote:

> Has anyone been able to definitively determine if Apache HTTP 2.4.53 is
> vulnerable to CVE-2023-44487? I've found forums where users and apparent
> sysadmins indicate it may be, however the only reference to this CVE I've
> been able to locate on Apache.org is as a comment made within another CVE
> vulnerability fix report.
>
> thank you.
>

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal