Lucene search
Ubuntu.comUB:CVE-2023-38709HistoryApr 04, 2024 - 12:00 a.m.
CVE-2023-38709
2024-04-0400:00:00
ubuntu.com
ubuntu.com
31
cve-2023-38709
faulty input validation
exploitable backend
http responses
bugs
debian
unix
Faulty input validation in the core of Apache allows malicious or
exploitable backend/content generators to split HTTP responses. This issue
affects Apache HTTP Server: through 2.4.58.
Bugs
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 18.04 | noarch | apache2 | < 2.4.29-1ubuntu4.27+esm2 | UNKNOWN |
| ubuntu | 20.04 | noarch | apache2 | < 2.4.41-4ubuntu3.17 | UNKNOWN |
| ubuntu | 22.04 | noarch | apache2 | < 2.4.52-1ubuntu4.9 | UNKNOWN |
| ubuntu | 23.10 | noarch | apache2 | < 2.4.57-2ubuntu2.4 | UNKNOWN |
| ubuntu | 24.04 | noarch | apache2 | < 2.4.58-1ubuntu8.1 | UNKNOWN |
| ubuntu | 14.04 | noarch | apache2 | < any | UNKNOWN |
| ubuntu | 16.04 | noarch | apache2 | < 2.4.18-2ubuntu3.17+esm12 | UNKNOWN |
References
httpd.apache.org/security/vulnerabilities_24.html
httpd.apache.org/security/vulnerabilities_24.html#CVE-2023-38709
launchpad.net/bugs/cve/CVE-2023-38709
nvd.nist.gov/vuln/detail/CVE-2023-38709
security-tracker.debian.org/tracker/CVE-2023-38709
ubuntu.com/security/notices/USN-6729-1
ubuntu.com/security/notices/USN-6729-2
ubuntu.com/security/notices/USN-6729-3
www.cve.org/CVERecord?id=CVE-2023-38709
www.openwall.com/lists/oss-security/2024/04/04/3
Related
debiancve
debiancve
CVE-2023-38709
2024-04-04 20:15:08
cvelist
cvelist
CVE-2023-38709 Apache HTTP Server: HTTP response splitting
2024-04-04 19:19:35
vulnrichment
vulnrichment
CVE-2023-38709 Apache HTTP Server: HTTP response splitting
2024-04-04 19:19:35
f5
f5
K000139764: Apache HTTPD vulnerability CVE-2023-38709
2024-05-24 00:00:00
redhatcve
redhatcve
CVE-2023-38709
2024-04-04 19:32:04
cbl_mariner
cbl_mariner
CVE-2023-38709 affecting package httpd for versions less than 2.4.59-1
2024-05-06 17:48:02
veracode
veracode
Improper Input Validation
2024-04-10 21:15:17
osv
osv
CVE-2023-38709
2024-04-04 20:15:08
BIT-apache-2023-38709
2024-04-06 18:17:43
apache2 vulnerabilities
2024-04-11 16:19:44
nvd
nvd
CVE-2023-38709
2024-04-04 20:15:08
alpinelinux
alpinelinux
CVE-2023-38709
2024-04-04 20:15:08
nessus
nessus
F5 Networks BIG-IP : Apache HTTPD vulnerability (K000139764)
2024-05-24 00:00:00
Amazon Linux 2 : httpd (ALAS-2024-2532)
2024-04-30 00:00:00
Amazon Linux 2023 : httpd, httpd-core, httpd-devel (ALAS2023-2024-607)
2024-04-29 00:00:00
cve
cve
CVE-2023-38709
2024-04-04 20:15:08
fedora
fedora
[SECURITY] Fedora 40 Update: httpd-2.4.59-2.fc40
2024-04-19 21:45:00
[SECURITY] Fedora 39 Update: httpd-2.4.59-2.fc39
2024-05-03 01:33:21
[SECURITY] Fedora 38 Update: httpd-2.4.59-2.fc38
2024-05-04 02:19:58
ibm
ibm
openvas
openvas
Fedora: Security Advisory for httpd (FEDORA-2024-937be154d8)
2024-05-27 00:00:00
Fedora: Security Advisory for httpd (FEDORA-2024-c2f6576348)
2024-05-27 00:00:00
Fedora: Security Advisory for httpd (FEDORA-2024-d0dccd6b96)
2024-05-27 00:00:00
amazon
amazon
Medium: httpd
2024-04-24 22:15:00
ubuntu
ubuntu
Apache HTTP Server vulnerabilities
2024-04-29 00:00:00
Apache HTTP Server vulnerabilities
2024-04-11 00:00:00
Apache HTTP Server vulnerabilities
2024-04-17 00:00:00
kaspersky
kaspersky
KLA65470 Multiple vulnerabilities in Apache HTTP Server
2024-04-04 00:00:00
mageia
mageia
Updated apache packages fix security vulnerabilities
2024-04-10 07:03:52
slackware
slackware
[slackware-security] httpd
2024-04-04 19:16:44
debian
debian
[SECURITY] [DSA 5662-1] apache2 security update
2024-04-16 18:32:07
[SECURITY] [DLA 3818-1] apache2 security update
2024-05-25 11:06:45