The Apache Software Foundation has released security update for Apache HTTP Server to address possible NULL dereference or SSRF vulnerability (CVE-2021-44224). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51. This vulnerability has been fixed in Apache HTTP Server 2.4.52.

More information on vulnerability and update is available in the Apache’s release note – apache.org.