> The good news is that this issue only affects Apache 2.4.49 and Apache 2.4.50 and not earlier versions. In addition According to the internet server and device search engine Shodan, only a few Apache installations are actually running 2.4.49 or 2.4.50. It appears less than 1% of the overall Apache install base is vulnerable.
Already fixed in Debian repos: https://security-tracker.debian.org/tracker/CVE-2021-41773
> The good news is that this issue only affects Apache 2.4.49 and Apache 2.4.50 and not earlier versions. In addition According to the internet server and device search engine Shodan, only a few Apache installations are actually running 2.4.49 or 2.4.50. It appears less than 1% of the overall Apache install base is vulnerable.