CVE-2009-1191
EPSS 12.0%
Description
mod_proxy_ajp.c in the mod_proxy_ajp module in the Apache HTTP Server 2.2.11 allows remote attackers to obtain sensitive response data, intended for a client that sent an earlier POST request with no request body, via an HTTP request.
How to fix CVE-2009-1191
To remediate CVE-2009-1191, upgrade the affected package to a fixed version below.
- Debian/apache2—upgrade to 2.2.11-4 or later
Is CVE-2009-1191 being exploited?
Moderate — EPSS is 12.0%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, < 2.2.11-4