Lucene search
ApacheCVELIST:CVE-2023-38709HistoryApr 04, 2024 - 7:19 p.m.
CVE-2023-38709 Apache HTTP Server: HTTP response splitting
2024-04-0419:19:35
apache
www.cve.org
3
cve-2023-38709
http response splitting
apache http server
input validation
vulnerability
0.0004 Low
EPSS
Percentile
10.3%
Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses.
This issue affects Apache HTTP Server: through 2.4.58.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Apache HTTP Server",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "2.4.58",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
]References
www.openwall.com/lists/oss-security/2024/04/04/3
httpd.apache.org/security/vulnerabilities_24.html
lists.debian.org/debian-lts-announce/2024/05/msg00013.html
lists.fedoraproject.org/archives/list/[email protected]/message/I2N2NZEX3MR64IWSGL3QGN7KSRUGAEMF/
lists.fedoraproject.org/archives/list/[email protected]/message/LX5U34KYGDYPRH3AJ6MDDCBJDWDPXNVJ/
lists.fedoraproject.org/archives/list/[email protected]/message/WNV4SZAPVS43DZWNFU7XBYYOZEZMI4ZC/
security.netapp.com/advisory/ntap-20240415-0013/
Related
debiancve
debiancve
CVE-2023-38709
2024-04-04 20:15:08
ubuntucve
ubuntucve
CVE-2023-38709
2024-04-04 00:00:00
f5
f5
K000139764: Apache HTTPD vulnerability CVE-2023-38709
2024-05-24 00:00:00
redhatcve
redhatcve
CVE-2023-38709
2024-04-04 19:32:04
cbl_mariner
cbl_mariner
CVE-2023-38709 affecting package httpd for versions less than 2.4.59-1
2024-05-06 17:48:02
veracode
veracode
Improper Input Validation
2024-04-10 21:15:17
osv
osv
CVE-2023-38709
2024-04-04 20:15:08
BIT-apache-2023-38709
2024-04-06 18:17:43
apache2 vulnerabilities
2024-04-11 16:19:44
nvd
nvd
CVE-2023-38709
2024-04-04 20:15:08
vulnrichment
vulnrichment
CVE-2023-38709 Apache HTTP Server: HTTP response splitting
2024-04-04 19:19:35
alpinelinux
alpinelinux
CVE-2023-38709
2024-04-04 20:15:08
nessus
nessus
F5 Networks BIG-IP : Apache HTTPD vulnerability (K000139764)
2024-05-24 00:00:00
Amazon Linux 2023 : httpd, httpd-core, httpd-devel (ALAS2023-2024-607)
2024-04-29 00:00:00
Amazon Linux 2 : httpd (ALAS-2024-2532)
2024-04-30 00:00:00
cve
cve
CVE-2023-38709
2024-04-04 20:15:08
fedora
fedora
[SECURITY] Fedora 40 Update: httpd-2.4.59-2.fc40
2024-04-19 21:45:00
[SECURITY] Fedora 39 Update: httpd-2.4.59-2.fc39
2024-05-03 01:33:21
[SECURITY] Fedora 38 Update: httpd-2.4.59-2.fc38
2024-05-04 02:19:58
ibm
ibm
openvas
openvas
Fedora: Security Advisory for httpd (FEDORA-2024-c2f6576348)
2024-05-27 00:00:00
Fedora: Security Advisory for httpd (FEDORA-2024-937be154d8)
2024-05-27 00:00:00
Fedora: Security Advisory for httpd (FEDORA-2024-d0dccd6b96)
2024-05-27 00:00:00
amazon
amazon
Medium: httpd
2024-04-24 22:15:00
ubuntu
ubuntu
Apache HTTP Server vulnerabilities
2024-04-29 00:00:00
Apache HTTP Server vulnerabilities
2024-04-11 00:00:00
Apache HTTP Server vulnerabilities
2024-04-17 00:00:00
kaspersky
kaspersky
KLA65470 Multiple vulnerabilities in Apache HTTP Server
2024-04-04 00:00:00
mageia
mageia
Updated apache packages fix security vulnerabilities
2024-04-10 07:03:52
slackware
slackware
[slackware-security] httpd
2024-04-04 19:16:44
debian
debian
[SECURITY] [DSA 5662-1] apache2 security update
2024-04-16 18:32:07
[SECURITY] [DLA 3818-1] apache2 security update
2024-05-25 11:06:45