The Apache web server is one of the most widely used open-source web servers in the world that powers almost 40 percent of the whole Internet. The vulnerability, identified as, was discovered by, a security engineer at Ambionics Security firm, and patched by the Apache developers in the latest version 2.4.39 of its software released today. The flaw affects Apache HTTP Server versions 2.17 through 2.38 and could allow any less-privileged user to execute arbitrary code with root privileges on the targeted server.
Source: https://thehackernews.com/2019/04/apache-web-server-security.html