Endpoint Vulnerability

Apache Httpd CVE-2017-9798 Use After Free Vulnerability

Description

Apache HTTP Server 2.2.34 and 2.4.x up to 2.4.27 can leak secret data from process memory via a use-after-free triggered by OPTIONS requests when the Limit directive is set in .htaccess or misconfigured httpd.conf.

Affected Applications

Apache Httpd

Version Updates

Date	Version	Status	Detail
2026-02-21	2.00700	New	Apache Httpd
2021-12-07	2.00079	Modified	Apache Httpd
2020-02-21	2.00048	New	Apache Httpd
2019-08-21	1.00042	Modified	Apache Httpd
2019-02-05	1.00034	Modified	Apache Httpd
2019-01-03	1.00033	Modified	Apache Httpd

References

https://httpd.apache.org/security/

ID	41663
Created	Jan 17, 2020
Description Updated	Mar 07, 2026
CVE ID
Risk
Coverage	FortiClient
OS	Linux
Vendor	Apache
Patch	manual
Application	Apache Httpd

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Endpoint Vulnerability

Apache Httpd CVE-2017-9798 Use After Free Vulnerability

Description

Affected Applications

Version Updates

References

Research Center

Services

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Threat Intelligence Center

Support Center

Resource Center

About

Endpoint Vulnerability

Apache Httpd CVE-2017-9798 Use After Free Vulnerability

Description

Affected Applications

Version Updates

References

Threat Intelligence
Center