Lucene search
ApacheCVELIST:CVE-2024-32638HistoryMay 02, 2024 - 9:20 a.m.
CVE-2024-32638 Apache APISIX: Forward-Auth Request Smuggling
2024-05-0209:20:29
CWE-444
apache
www.cve.org
1
cve-2024-32638
apache apisix
forward-auth request
http request smuggling
vulnerability
upgrade
Inconsistent Interpretation of HTTP Requests (βHTTP Request Smugglingβ)Β vulnerability in Apache APISIX when using forward-auth plugin.This issue affects Apache APISIX: from 3.8.0, 3.9.0.
Users are recommended to upgrade to version 3.8.1, 3.9.1 or higher, which fixes the issue.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Apache APISIX",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "3.9.0",
"status": "affected",
"version": "3.8.0",
"versionType": "custom"
}
]
}
]Related
osv
osv
BIT-apisix-2024-32638
2024-05-04 07:16:19
nvd
nvd
CVE-2024-32638
2024-05-02 10:15:08
vulnrichment
vulnrichment
CVE-2024-32638 Apache APISIX: Forward-Auth Request Smuggling
2024-05-02 09:20:29
cve
cve
CVE-2024-32638
2024-05-02 10:15:08