Apache HTTP Server: Authentication Bypass via URL Path Traversal

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

Apache HTTP Server: Authentication Bypass via URL Path Traversal

MINI-mvj9-2cc9-6684

Summary

Apache HTTP Server may allow attackers to bypass authentication controls on certain websites, potentially allowing unauthorized access to sensitive data. This could happen if a website uses a specific configuration and a malicious user submits a specially crafted URL. To protect against this issue, update your Apache HTTP Server to the latest version or adjust your configuration to prevent URL path traversal attacks.

What to do

Update weaviate-1.35 to version 1.35.13-r0.

Affected software

Vendor	Product	Affected versions	Fix available
–	weaviate-1.35	<= 1.35.13-r0	1.35.13-r0

Original title

MINI-mvj9-2cc9-6684

Published: 10 Mar 2026 · Updated: 13 Mar 2026 · First seen: 10 Mar 2026