Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-5j7h-7m92-jgh4

Опубликовано: 10 июл. 2025
Источник: github
Github: Не прошло ревью
CVSS3: 7.5

Описание

HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications hosted or proxied by the server can split the HTTP response.

This vulnerability was described as CVE-2023-38709 but the patch included in Apache HTTP Server 2.4.59 did not address the issue.

Users are recommended to upgrade to version 2.4.64, which fixes this issue.

HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications hosted or proxied by the server can split the HTTP response.

This vulnerability was described as CVE-2023-38709 but the patch included in Apache HTTP Server 2.4.59 did not address the issue.

Users are recommended to upgrade to version 2.4.64, which fixes this issue.

Ссылки

EPSS

Процентиль: 62%
0.00432
Низкий

7.5 High

CVSS3

CVE ID

CVE-2024-42516

Дефекты

CWE-20

Связанные уязвимости

ubuntu логотип

CVE-2024-42516

CVSS3: 7.5
ubuntu
около 1 месяца назад

HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications hosted or proxied by the server can split the HTTP response. This vulnerability was described as CVE-2023-38709 but the patch included in Apache HTTP Server 2.4.59 did not address the issue. Users are recommended to upgrade to version 2.4.64, which fixes this issue.

redhat логотип

CVE-2024-42516

CVSS3: 6.8
redhat
около 1 месяца назад

HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications hosted or proxied by the server can split the HTTP response. This vulnerability was described as CVE-2023-38709 but the patch included in Apache HTTP Server 2.4.59 did not address the issue. Users are recommended to upgrade to version 2.4.64, which fixes this issue.

nvd логотип

CVE-2024-42516

CVSS3: 7.5
nvd
около 1 месяца назад

HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications hosted or proxied by the server can split the HTTP response. This vulnerability was described as CVE-2023-38709 but the patch included in Apache HTTP Server 2.4.59 did not address the issue. Users are recommended to upgrade to version 2.4.64, which fixes this issue.

msrc логотип

CVE-2024-42516

CVSS3: 7.5
msrc
около 1 месяца назад

Описание отсутствует

debian логотип

CVE-2024-42516

CVSS3: 7.5
debian
около 1 месяца назад

HTTP response splitting in the core of Apache HTTP Server allows an at ...

EPSS

Процентиль: 62%
0.00432
Низкий

7.5 High

CVSS3

CVE ID

CVE-2024-42516

Дефекты

CWE-20