Description
In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in mod_ssl when using per-location client certificate verification with TLSv1.3 allowed a client to bypass configured access control restrictions.
Remediation
References
Related Vulnerabilities
PHP Other Vulnerability (CVE-2007-1399)
WordPress Plugin Inline Tweet Sharer-Twitter Sharing Cross-Site Scripting (2.5.3)
TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2009-3631)
WordPress Plugin WORDPRESS VIDEO GALLERY Open Email Relay (2.8)
Joomla! Core 1.0.x Unspecified Vulnerability (1.0.0 - 1.0.3)