Launchpad CVE tracker

CVE 2023-38709

Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58.

Related bugs and status

CVE-2023-38709 (Candidate) is related to these bugs:

Bug #2045055: link in default index.html should be HTTPS

Summary				In	Importance	Status
	2045055	link in default index.html should be HTTPS		apache2 (Ubuntu)	Low	Fix Released
	2045055	link in default index.html should be HTTPS		apache2 (Debian)	Unknown	New

Bug #2063187: [Debian] High CVE: CVE-2023-31122/CVE-2023-38709/.../CVE-2024-24795/CVE-2024-27316 apache2 : multiple CVEs

Summary				In	Importance	Status
	2063187	[Debian] High CVE: CVE-2023-31122/CVE-2023-38709/.../CVE-2024-24795/CVE-2024-27316 apache2 : multiple CVEs		StarlingX	High	Fix Released

Bug #2064378: Merge apache2 from Debian unstable for oracular

Summary				In	Importance	Status
	2064378	Merge apache2 from Debian unstable for oracular		apache2 (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2023-38709

References