In Apache HTTP Server 2.4.0 to 2.4.41, modproxyftp may use uninitialized memory when proxying to a malicious FTP server.
{ "cpes": [ "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*" ], "severity": "Medium" }