Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Apache HTTP Server Can Expose Sensitive Information
MINI-whq5-c289-8gqq
Summary
Apache HTTP Server versions 2.4.7 through 2.4.17 and 2.2.28 through 2.2.32 contain a vulnerability that can reveal sensitive information, including user credentials and configuration settings, to unauthorized users. This can happen when certain error messages are generated and sent to clients. To protect your server, update to a patched version of Apache HTTP Server or apply a workaround to prevent sensitive information from being exposed.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | apache-tika-3.0 | All versions | – |
| – | apache-tika-3.0-compat | All versions | – |
Original title
MINI-whq5-c289-8gqq
Published: 9 Mar 2026 · Updated: 13 Mar 2026 · First seen: 9 Mar 2026