Showing results for 
Show  only  | Search instead for 
Did you mean: 
Level 3

Vulnerabilities in apache http 2.4.52 used in FNP 11.19.0 and FNP

According to release notes for FNP 11.19.0 and FNP 11.19.1, apache httpd 2.4.52 is included, which is affected from CVE-2022-22720 (CVSS v3: 9.8), CVE-2022-23943 (CVSS v3: 9.8), CVE-2022-22721 (CVSS v3: 9.8), CVE-2022-22719 (CVSS v3: 7.5). A fixed version 2.4.53 of apache httpd is already available since 2022-03-14 but unfortunately, it wasn't used for FNP 11.19.1. Is there any reason why not?

0 Kudos
(1) Reply
Flexera Alumni

Hi @jschier  ,

We detected these vulnerability post implementing the plan for 11.19.1 , so please be assured that the version of apache httpd will be updated in the coming release .

0 Kudos