INFSA-2024:4197: httpd:2.4/httpd security update
Information about definition
Identificator: INFSA-2024:4197
Type: security
Release date: 2024-10-10 05:53:21 UTC
Information about package
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Vulnerabilities description
- CVE-2023-38709
Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2023-38709
|
no information | 6.8 | no information |
Updated packages