Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2023:5050

Опубликовано: 19 сент. 2023
Источник: rocky
Оценка: Moderate

Описание

Moderate: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

Security Fix(es):

  • httpd: mod_proxy_uwsgi HTTP response splitting (CVE-2023-27522)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
httpdx86_6456.module+el8.8.0+1284+07ef499e.6httpd-2.4.37-56.module+el8.8.0+1284+07ef499e.6.x86_64.rpm
httpd-develx86_6456.module+el8.8.0+1284+07ef499e.6httpd-devel-2.4.37-56.module+el8.8.0+1284+07ef499e.6.x86_64.rpm
httpd-filesystemnoarch56.module+el8.8.0+1284+07ef499e.6httpd-filesystem-2.4.37-56.module+el8.8.0+1284+07ef499e.6.noarch.rpm
httpd-filesystemnoarch56.module+el8.8.0+1284+07ef499e.6httpd-filesystem-2.4.37-56.module+el8.8.0+1284+07ef499e.6.noarch.rpm
httpd-manualnoarch56.module+el8.8.0+1284+07ef499e.6httpd-manual-2.4.37-56.module+el8.8.0+1284+07ef499e.6.noarch.rpm
httpd-manualnoarch56.module+el8.8.0+1284+07ef499e.6httpd-manual-2.4.37-56.module+el8.8.0+1284+07ef499e.6.noarch.rpm
httpd-toolsx86_6456.module+el8.8.0+1284+07ef499e.6httpd-tools-2.4.37-56.module+el8.8.0+1284+07ef499e.6.x86_64.rpm
mod_http2x86_648.module+el8.8.0+1284+07ef499e.3mod_http2-1.15.7-8.module+el8.8.0+1284+07ef499e.3.x86_64.rpm
mod_ldapx86_6456.module+el8.8.0+1284+07ef499e.6mod_ldap-2.4.37-56.module+el8.8.0+1284+07ef499e.6.x86_64.rpm
mod_mdx86_648.module+el8.8.0+1271+9ed9553dmod_md-2.0.8-8.module+el8.8.0+1271+9ed9553d.x86_64.rpm

Показывать по

Связанные CVE

CVE-2023-27522

Ссылки на источники

Исправления

Связанные уязвимости

ubuntu логотип

CVE-2023-27522

CVSS3: 7.5
ubuntu
почти 3 года назад

HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55. Special characters in the origin response header can truncate/split the response forwarded to the client.

redhat логотип

CVE-2023-27522

CVSS3: 7.5
redhat
почти 3 года назад

HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55. Special characters in the origin response header can truncate/split the response forwarded to the client.

nvd логотип

CVE-2023-27522

CVSS3: 7.5
nvd
почти 3 года назад

HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55. Special characters in the origin response header can truncate/split the response forwarded to the client.

msrc логотип

CVE-2023-27522

CVSS3: 7.5
msrc
почти 3 года назад

Apache HTTP Server: mod_proxy_uwsgi HTTP response splitting

debian логотип

CVE-2023-27522

CVSS3: 7.5
debian
почти 3 года назад

HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_pr ...