CVE-2023-38709

Updated: 2024-04-18 05:03:08.871416

Description:

Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x NONE 0
CVSS Version 3.x MEDIUM 6.8

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

AlmaLinux 9.2 ESU httpd 2.4.53 6.8 MEDIUM Released CLSA-2024:1732194710 2024-11-21 12:07:03
CentOS 7 ELS httpd 2.4.6 6.8 MEDIUM Released CLSA-2024:1725382183 2024-09-17 12:28:40
CentOS 8.4 ELS httpd 2.4.37 6.8 MEDIUM Released CLSA-2024:1724351412 2024-08-22 14:32:56
CentOS 8.5 ELS httpd 2.4.37 6.8 MEDIUM Released CLSA-2024:1724351427 2024-08-22 17:33:56
CentOS Stream 8 ELS httpd 2.4.37 6.8 MEDIUM Released CLSA-2024:1724351166 2024-08-22 14:32:56
CloudLinux 7 ELS httpd 2.4.6 6.8 MEDIUM Released CLSA-2024:1726078096 2024-11-20 13:39:02
Ubuntu 16.04 ELS apache2 2.4.18 6.8 MEDIUM Released CLSA-2024:1725012024 2024-08-30 12:27:09
Ubuntu 18.04 ELS apache2 2.4.29 6.8 MEDIUM Released CLSA-2024:1728479129 2024-10-09 11:07:33