vulnerability

Red Hat: CVE-2023-38709: httpd: HTTP response splitting (Multiple Advisories)

Try Surface Command
Back to search
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:N/I:C/A:N)
Published
Apr 4, 2024
Added
Jul 3, 2024
Modified
Aug 21, 2025

Description

Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses.

This issue affects Apache HTTP Server: through 2.4.58.

Solutions

no-fix-redhat-rpm-packageredhat-upgrade-httpdredhat-upgrade-httpd-coreredhat-upgrade-httpd-core-debuginforedhat-upgrade-httpd-debuginforedhat-upgrade-httpd-debugsourceredhat-upgrade-httpd-develredhat-upgrade-httpd-filesystemredhat-upgrade-httpd-manualredhat-upgrade-httpd-toolsredhat-upgrade-httpd-tools-debuginforedhat-upgrade-mod_http2redhat-upgrade-mod_http2-debuginforedhat-upgrade-mod_http2-debugsourceredhat-upgrade-mod_ldapredhat-upgrade-mod_ldap-debuginforedhat-upgrade-mod_luaredhat-upgrade-mod_lua-debuginforedhat-upgrade-mod_mdredhat-upgrade-mod_md-debuginforedhat-upgrade-mod_md-debugsourceredhat-upgrade-mod_proxy_htmlredhat-upgrade-mod_proxy_html-debuginforedhat-upgrade-mod_sessionredhat-upgrade-mod_session-debuginforedhat-upgrade-mod_sslredhat-upgrade-mod_ssl-debuginfo

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today