February 17, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – Confucius APT Group Used Pegasus Spyware to Targeting Pakistani Military
August 20, 2021Rewterz Threat Advisory –CVE-2021-39131 – Node.js ced Module Vulnerability
August 20, 2021Rewterz Threat Alert – Confucius APT Group Used Pegasus Spyware to Targeting Pakistani Military
August 20, 2021Rewterz Threat Advisory –CVE-2021-39131 – Node.js ced Module Vulnerability
August 20, 2021
Severity
High
Analysis Summary
CVE-2021-33580
Apache Roller is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw by the request.getHeader, request.getRequestURL, and request.getQueryString functions. By sending a specially-crafted Referer header, a remote attacker could exploit this vulnerability to cause a denial of service condition.
Impact
- Denial of Service
Affected Vendors
Apache
Affected Products
- Apache Roller 6.0.1
Remediation
Upgrade to the latest version of Apache Roller available from the Apache Web site.