vulnerability

Red Hat: CVE-2023-38709: httpd: HTTP response splitting (Multiple Advisories)

Try Surface Command
Back to search
Severity
5
CVSS
(AV:N/AC:H/Au:N/C:N/I:C/A:N)
Published
04/04/2024
Added
07/03/2024
Modified
03/21/2025

Description

Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses.

This issue affects Apache HTTP Server: through 2.4.58.

Solution(s)

redhat-upgrade-httpdredhat-upgrade-httpd-coreredhat-upgrade-httpd-core-debuginforedhat-upgrade-httpd-debuginforedhat-upgrade-httpd-debugsourceredhat-upgrade-httpd-develredhat-upgrade-httpd-filesystemredhat-upgrade-httpd-manualredhat-upgrade-httpd-toolsredhat-upgrade-httpd-tools-debuginforedhat-upgrade-mod_http2redhat-upgrade-mod_http2-debuginforedhat-upgrade-mod_http2-debugsourceredhat-upgrade-mod_ldapredhat-upgrade-mod_ldap-debuginforedhat-upgrade-mod_luaredhat-upgrade-mod_lua-debuginforedhat-upgrade-mod_mdredhat-upgrade-mod_md-debuginforedhat-upgrade-mod_md-debugsourceredhat-upgrade-mod_proxy_htmlredhat-upgrade-mod_proxy_html-debuginforedhat-upgrade-mod_sessionredhat-upgrade-mod_session-debuginforedhat-upgrade-mod_sslredhat-upgrade-mod_ssl-debuginfo

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today