Launchpad CVE tracker

CVE 2023-27522

HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55. Special characters in the origin response header can truncate/split the response forwarded to the client.

Related bugs and status

CVE-2023-27522 (Candidate) is related to these bugs:

Bug #2012865: [Debian] CVE: CVE-2006-20001/CVE-2023-25690/CVE-2022-36760/CVE-2022-37436/CVE-2023-27522: apache2: multi CVEs

Summary				In	Importance	Status
	2012865	[Debian] CVE: CVE-2006-20001/CVE-2023-25690/CVE-2022-36760/CVE-2022-37436/CVE-2023-27522: apache2: multi CVEs		StarlingX	High	Fix Released

Bug #2018048: Merge apache2 from Debian unstable for mantic

Summary				In	Importance	Status
	2018048	Merge apache2 from Debian unstable for mantic		apache2 (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2023-27522

References