Apache says it has fixed a zero-day vulnerability in its HTTP server. The vulnerability, it says, has been exploited in the wild. More than 112,000 Apache HTTP servers facing the internet are still running the vulnerable version 2.4.49. The U.S. Cybersecurity and Infrastructure Security Agency urges users and administrators to apply the necessary update. The company has also fixed another vulnerability, tracked as CVE-2021-41524, in its latest software version. This is the second time in two days that Apache has been in news for security concerns.”]
Source: https://www.cuinfosecurity.com/apache-fixes-zero-day-flaw-exploited-in-wild-a-17685