CVE-2024-36387
Description
Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance.
CWE
- CWE-476 — CWE-476 NULL Pointer Dereference
Affected
- Apache Software Foundation / Apache HTTP Server — v=2.4.55 ≤2.4.59 [affected]
CVSS
- (none)
References
- https://httpd.apache.org/security/vulnerabilities_24.html vendor-advisory
- https://security.netapp.com/advisory/ntap-20240712-0001/
Source
cvelistV5-main/cves/2024/36xxx/CVE-2024-36387.json