Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Apache HTTP Server Unauthenticated File Disclosure on Windows
MINI-v76p-f288-2f2c
Summary
An issue has been discovered in the Apache HTTP Server software on Windows systems, which can allow an attacker to access files without needing a password. This is a concern because sensitive information might be exposed. Apache HTTP Server users on Windows should apply the latest updates to fix this issue.
What to do
- Update linkerd2 to version 26.4.1-r0.
- Update linkerd2-web to version 26.4.1-r0.
- Update linkerd2-cli to version 26.4.1-r0.
- Update linkerd2-proxy-identity to version 26.4.1-r0.
- Update linkerd2-controller to version 26.4.1-r0.
- Update linkerd2-controller-compat to version 26.4.1-r0.
- Update linkerd2-metrics-api to version 26.4.1-r0.
- Update linkerd2-metrics-api-compat to version 26.4.1-r0.
- Update linkerd2-tap to version 26.4.1-r0.
- Update linkerd2-tap-compat to version 26.4.1-r0.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | linkerd2 | <= 26.4.1-r0 | 26.4.1-r0 |
| – | linkerd2-web | <= 26.4.1-r0 | 26.4.1-r0 |
| – | linkerd2-cli | <= 26.4.1-r0 | 26.4.1-r0 |
| – | linkerd2-proxy-identity | <= 26.4.1-r0 | 26.4.1-r0 |
| – | linkerd2-controller | <= 26.4.1-r0 | 26.4.1-r0 |
| – | linkerd2-controller-compat | <= 26.4.1-r0 | 26.4.1-r0 |
| – | linkerd2-metrics-api | <= 26.4.1-r0 | 26.4.1-r0 |
| – | linkerd2-metrics-api-compat | <= 26.4.1-r0 | 26.4.1-r0 |
| – | linkerd2-tap | <= 26.4.1-r0 | 26.4.1-r0 |
| – | linkerd2-tap-compat | <= 26.4.1-r0 | 26.4.1-r0 |
Original title
MINI-v76p-f288-2f2c
Published: 3 Apr 2026 · Updated: 3 Apr 2026 · First seen: 3 Apr 2026