HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack.
Users are recommended to upgrade to version 2.4.59, which fixes this issue.
CVSS
No CVSS.
References
Configurations
No configuration.
History
04 May 2024, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
03 May 2024, 03:16
Type | Values Removed | Values Added |
---|---|---|
References |
|
01 May 2024, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
19 Apr 2024, 23:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
05 Apr 2024, 12:40
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
04 Apr 2024, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-04-04 20:15
Updated : 2024-05-04 03:15
NVD link : CVE-2024-24795
Mitre link : CVE-2024-24795
CVE.ORG link : CVE-2024-24795
JSON object : View
Products Affected
No product.
CWE
No CWE.