Lucene search
GoogleOSV:BIT-APACHE-2023-38709HistoryApr 06, 2024 - 6:17 p.m.
BIT-apache-2023-38709
2024-04-0618:17:43
Google
osv.dev
115
faulty input validation
apache http server
http responses
exploitable backend
content generators
Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses.This issue affects Apache HTTP Server: through 2.4.58.
References
www.openwall.com/lists/oss-security/2024/04/04/3
httpd.apache.org/security/vulnerabilities_24.html
lists.debian.org/debian-lts-announce/2024/05/msg00013.html
lists.fedoraproject.org/archives/list/[email protected]/message/I2N2NZEX3MR64IWSGL3QGN7KSRUGAEMF/
lists.fedoraproject.org/archives/list/[email protected]/message/LX5U34KYGDYPRH3AJ6MDDCBJDWDPXNVJ/
lists.fedoraproject.org/archives/list/[email protected]/message/WNV4SZAPVS43DZWNFU7XBYYOZEZMI4ZC/
security.netapp.com/advisory/ntap-20240415-0013/
Related
cvelist
cvelist
CVE-2023-38709 Apache HTTP Server: HTTP response splitting
2024-04-04 19:19:35
vulnrichment
vulnrichment
CVE-2023-38709 Apache HTTP Server: HTTP response splitting
2024-04-04 19:19:35
debiancve
debiancve
CVE-2023-38709
2024-04-04 20:15:08
ubuntucve
ubuntucve
CVE-2023-38709
2024-04-04 00:00:00
f5
f5
K000139764: Apache HTTPD vulnerability CVE-2023-38709
2024-05-24 00:00:00
redhatcve
redhatcve
CVE-2023-38709
2024-04-04 19:32:04
alpinelinux
alpinelinux
CVE-2023-38709
2024-04-04 20:15:08
nessus
nessus
F5 Networks BIG-IP : Apache HTTPD vulnerability (K000139764)
2024-05-24 00:00:00
Fedora 40 : httpd (2024-937be154d8)
2024-04-29 00:00:00
Fedora 39 : httpd (2024-d0dccd6b96)
2024-05-02 00:00:00
cve
cve
CVE-2023-38709
2024-04-04 20:15:08
osv
osv
CVE-2023-38709
2024-04-04 20:15:08
apache2 vulnerabilities
2024-04-17 15:26:47
apache2 vulnerabilities
2024-04-11 16:19:44
cbl_mariner
cbl_mariner
CVE-2023-38709 affecting package httpd for versions less than 2.4.59-1
2024-05-06 17:48:02
nvd
nvd
CVE-2023-38709
2024-04-04 20:15:08
veracode
veracode
Improper Input Validation
2024-04-10 21:15:17
openvas
openvas
Fedora: Security Advisory for httpd (FEDORA-2024-d0dccd6b96)
2024-05-27 00:00:00
Fedora: Security Advisory for httpd (FEDORA-2024-c2f6576348)
2024-05-27 00:00:00
Fedora: Security Advisory for httpd (FEDORA-2024-937be154d8)
2024-05-27 00:00:00
fedora
fedora
[SECURITY] Fedora 40 Update: httpd-2.4.59-2.fc40
2024-04-19 21:45:00
[SECURITY] Fedora 38 Update: httpd-2.4.59-2.fc38
2024-05-04 02:19:58
[SECURITY] Fedora 39 Update: httpd-2.4.59-2.fc39
2024-05-03 01:33:21
ibm
ibm
amazon
amazon
Medium: httpd
2024-04-24 22:15:00
mageia
mageia
Updated apache packages fix security vulnerabilities
2024-04-10 07:03:52
kaspersky
kaspersky
KLA65470 Multiple vulnerabilities in Apache HTTP Server
2024-04-04 00:00:00
slackware
slackware
[slackware-security] httpd
2024-04-04 19:16:44
ubuntu
ubuntu
Apache HTTP Server vulnerabilities
2024-04-17 00:00:00
Apache HTTP Server vulnerabilities
2024-04-11 00:00:00
Apache HTTP Server vulnerabilities
2024-04-29 00:00:00
debian
debian
[SECURITY] [DSA 5662-1] apache2 security update
2024-04-16 18:32:07
[SECURITY] [DLA 3818-1] apache2 security update
2024-05-25 11:06:45
6.4 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
10.4%
Related for OSV:BIT-APACHE-2023-38709