Multiple Consecutive Slashes Vulnerability in Apache HTTP Server

Multiple Consecutive Slashes Vulnerability in Apache HTTP Server

CVE-2019-0220 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes ('/'), directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing will implicitly collapse them.

Learn more about our Cis Benchmark Audit For Apache Http Server.