5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.467 Medium
EPSS
Percentile
97.4%
Apache HTTP SERVER PROJECT reports:
mod_proxy_fcgi: Fix a potential crash due to buffer over-read,
with response headersโ size above 8K.
mod_cache: Avoid a crash when Content-Type has an empty value. PR 56924.
mod_lua: Fix handling of the Require line when a LuaAuthzProvider is used
in multiple Require directives with different arguments. PR57204.
core: HTTP trailers could be used to replace HTTP headers late during
request processing, potentially undoing or otherwise confusing modules
that examined or modified request headers earlier. Adds โMergeTrailersโ
directive to restore legacy behavior.