CVE-2023-38709

Kenndaten

  • CVE.org (extern): Record bei CVE.org oeffnen
  • CVSS: 7.3
  • EPSS (FIRST): Score —, Perzentil —
  • EPSS-Stand:
  • Veroeffentlicht (CVE.org): 2024-04-04
  • Zuletzt angereichert: 2026-05-15 01:31 UTC
  • Externe Referenzen (Anzahl): 0
  • Anreicherungs-Plugins (Referenzen):

Eintraege mit Bezug zu CVE-2023-38709
2025-07-10 00:00

apache_httpd_sec

CVE-2024-42516: HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications hosted or proxied by the server can split the HTTP response. This vulnerability was described as CVE-2023-38709 but the patch included in Apache HTTP Server 2.4.59 did not address the issue. Users are recommended to upgrade to version 2.4.64, which fixes this issue.

 HIGH vendor_advisory
2024-04-04 00:00

apache_httpd_sec

CVE-2023-38709: Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58.

 HIGH vendor_advisory
Alle CVEs