https://bz.apache.org/bugzilla/show_bug.cgi?id=69994
--- Comment #1 from Dan Anderson <[email protected]> --- Created attachment 40163 --> https://bz.apache.org/bugzilla/attachment.cgi?id=40163&action=edit Shows curl command and how path traversal works Screenshot shows curl command and how path traversal worksif you use the AllowEncodedSlashes On and were to compile with any of the other potential supply chain attacks. NOTE: Because you would need to recompile the httpd binary after specifically disabling certain guardrails this is not a vulnerability. I would suggest changing request.c as stated in the overall bug report. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
