Skip to content
English
  • There are no suggestions because the search field is empty.

Apache CVE-2026-49975

Original Question or Issue:

Is FileCloud vulnerable to the "http/2 bomb" vulnerability (CVE-2026-49975) due to the stack using Apache.


Environment:

  • Product - FileCloud Server
  • Version - 23.261
  • Platform - Any

Steps to Reproduce:

1. Review FileCloud server environment.

2. Check whether Apache HTTP/2 functionality is enabled.

3. Assess potential exposure to CVE-2026-49975.


Error or Log Message:

No specific error message was reported. This was a vulnerability exposure inquiry.


Defect or Enhancement Number:

 


Cause:

The CVE is related to HTTP/2 handling in affected web servers and would depend on Apache HTTP/2 / mod_http2 being enabled.


Resolution or Workaround:

FileCloud’s default Apache configuration does not appear to enable HTTP/2 by default. If HTTP/2 / mod_http2 has not been manually enabled, the server would not be expected to be exposed to this specific CVE through Apache.


Notes:

- This was a product security clarification rather than a break-fix issue.