CVE-2021-40438: httpd: mod_proxy: SSRF via a crafted request uri-path containing "unix:"

Severity: Critical

CVSS Score: 9.1

A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.