Lucene search

CVE-2023-27522

🗓️ 07 Mar 2023 16:09:15Reported by apacheType

HTTP Response Smuggling vuln in Apache HTTP Server via mod_proxy_uwsgi

Reporter	Title	Published	Views	Family All 150
Tenable Nessus	Rocky Linux 8 : httpd:2.4 (RLSA-2023:5050)	19 Sep 202300:00	–	nessus
Tenable Nessus	AlmaLinux 8 : httpd:2.4 (ALSA-2023:5050)	12 Sep 202300:00	–	nessus
Tenable Nessus	RHEL 9 : httpd (RHSA-2024:4504)	11 Jul 202400:00	–	nessus
Tenable Nessus	Photon OS 5.0: Uwsgi PHSA-2023-5.0-0083	24 Jul 202400:00	–	nessus
Tenable Nessus	CentOS 8 : httpd:2.4 (CESA-2023:5050)	11 Sep 202300:00	–	nessus
Tenable Nessus	CBL Mariner 2.0 Security Update: httpd (CVE-2023-27522)	28 Mar 202300:00	–	nessus
Tenable Nessus	RHEL 8 : httpd:2.4 (RHSA-2023:5049)	11 Sep 202300:00	–	nessus
Tenable Nessus	RHEL 8 : httpd:2.4 (RHSA-2023:5050)	11 Sep 202300:00	–	nessus
Tenable Nessus	RHEL 9 : httpd and mod_http2 (RHSA-2023:6403)	7 Nov 202300:00	–	nessus
Tenable Nessus	Photon OS 4.0: Uwsgi PHSA-2023-4.0-0461	24 Jul 202400:00	–	nessus

Nvd

Vulners

Vulnrichment

Node

apache http_serverRange2.4.30–2.4.55

Node

debian debian_linuxMatch10.0

Node

unbit uwsgiRange<2.0.22

[
  {
    "defaultStatus": "unaffected",
    "product": "Apache HTTP Server",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "lessThanOrEqual": "2.4.55",
        "status": "affected",
        "version": "2.4.30",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
httpd	www.httpd.apache.org/security/vulnerabilities_24.html
lists	www.lists.debian.org/debian-lts-announce/2023/04/msg00028.html
security	www.security.gentoo.org/glsa/202309-01

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

07 Mar 2023 16:15Current

8.8High risk

Vulners AI Score8.8

CVSS37.5

EPSS0.00847

SSVC

CWE-444