Is the HTTP proxy affected by CVE-2021-44224 or CVE-2021-44790 (see https://httpd.apache.org/security/vulnerabilities_24.html)?
I would assume yes for CVE-2021-44224 since it is configured as a forward proxy (ProxyRequests on) and no for CVE-2021-44790 since mod_lua is not enabled. Would appreciate if ESET admins could clarify and update the now outdated apachehttp.zip (https://www.eset.com/int/business/download/eset-protect/#standalone) from 2.4.51 to 2.4.52.
Thank you,
Stefan