CVE-2019-0215

Published: 2019-04-08T20:29Z

Last Modified: 2024-11-21T04:16Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in mod_ssl when using per-location client certificate verification with TLSv1.3 allowed a client to bypass configured access control restrictions. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt