Unrated severityNVD Advisory· Published Sep 15, 2012· Updated Jun 16, 2026
CVE-2012-4001
CVE-2012-4001
Description
The mod_pagespeed module before 0.10.22.6 for the Apache HTTP Server does not properly verify its host name, which allows remote attackers to trigger HTTP requests to arbitrary hosts via unspecified vectors, as demonstrated by requests to intranet servers.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:google:mod_pagespeed:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:google:mod_pagespeed:*:*:*:*:*:*:*:*range: <=0.10.22.4
- cpe:2.3:a:google:mod_pagespeed:0.10.19.1:*:*:*:*:*:*:*
- (no CPE)range: <0.10.22.6
Patches
Vulnerability mechanics
References
2- developers.google.com/speed/docs/mod_pagespeed/CVE-2012-4001nvdVendor Advisory
- developers.google.com/speed/docs/mod_pagespeed/announce-0.10.22.6nvdVendor Advisory
News mentions
0No linked articles in our index yet.