BIT-apache-2026-44119

See a problem?

Import Source

https://github.com/bitnami/vulndb/tree/main/data/apache/BIT-apache-2026-44119.json

JSON Data

https://api.osv.dev/v1/vulns/BIT-apache-2026-44119

Aliases

CVE-2026-44119

Published

2026-06-10T08:39:17.423Z

Modified

2026-06-10T09:15:05.768138616Z

Summary

Apache HTTP Server: escalation of privilege through expressions in .htaccess in multiple modules

Details

Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user.

This issue affects Apache HTTP Server: from through 2.4.67.

Users are recommended to upgrade to version 2.4.68, which fixes the issue.

Database specific

{
    "cpes": [
        "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"
    ],
    "severity": "Medium"
}

References

Affected packages

Bitnami / apache

Package

Name: apache
Purl: pkg:bitnami/apache

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Affected ranges

Type: SEMVER
Events: Introduced

2.4.0

Fixed

2.4.68

Database specific

source

"https://github.com/bitnami/vulndb/tree/main/data/apache/BIT-apache-2026-44119.json"