Primary

Context

Apache HTTP Server mod_dav_fs Protected Directory Access Vulnerability

Vulnerability

Patched

A path handling vulnerability has been identified in the mod_dav_fs module of Apache HTTP Server versions through 2.4.67. This vulnerability allows WebDAV content authors to directly manipulate trusted DAV property databases, which could lead to crashes in child processes. The issue arises from improper handling of paths, enabling potential disruption of server processes.

Impact

Exploitation of this vulnerability can cause child process crashes, leading to a denial-of-service condition on the server.

Remediation

Users are advised to upgrade to Apache HTTP Server version 2.4.68, which addresses this vulnerability.

Added: Jun 8, 2026, 5:16 PM

Updated: Jun 8, 2026, 5:16 PM

Vulnerability Rating

Custom Algorithm

spread

9.4

impact

3.1

exploitability

5.4

remediation

7.7

relevance

9.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.4

impact

3.1

exploitability

5.4

remediation

7.7

relevance

9.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apache HTTP Server mod_dav_fs Protected Directory Access Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Apache HTTP Server

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating