https://www.bleepingcomputer.com/news/security/apache-bug-lets-normal-users-gain-root-access-via-scripts/

A privilege escalation vulnerability of important severity in the Apache HTTP server allowing users with the right to write and run scripts to gain root on Unix systems was fixed in Apache httpd 2.4.39.

As detailed in the changelog, tracked as CVE-2019-0211, impacts all Apache HTTP Server releases from 2.4.17 to 2.4.38 and it makes it possible to execute arbitrary code via scoreboard manipulation.