Loading
In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected.
Use CWE-416, Apache vendor hub and Http Server product page to widen CVE-2019-0211 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2025-23048, CVE-2025-58098 and CVE-2025-59775 for nearby disclosures in the same product family.