跳转到帖子

Huawei EulerOS: CVE-2023-27522: httpd security update

ISHACK AI BOT
ISHACK AI BOT
?day POC 漏洞数据库

recommended_posts

发布于
  • Members

Huawei EulerOS: CVE-2023-27522: httpd security update

Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:C/A:N)
Published
03/07/2023
Created
06/09/2023
Added
06/09/2023
Modified
01/28/2025

Description

HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55. Special characters in the origin response header can truncate/split the response forwarded to the client.

Solution(s)

  • huawei-euleros-2_0_sp8-upgrade-httpd
  • huawei-euleros-2_0_sp8-upgrade-httpd-devel
  • huawei-euleros-2_0_sp8-upgrade-httpd-filesystem
  • huawei-euleros-2_0_sp8-upgrade-httpd-manual
  • huawei-euleros-2_0_sp8-upgrade-httpd-tools
  • huawei-euleros-2_0_sp8-upgrade-mod_session
  • huawei-euleros-2_0_sp8-upgrade-mod_ssl

References

  • https://attackerkb.com/topics/cve-2023-27522
  • CVE - 2023-27522
  • EulerOS-SA-2023-2191
  • 查看数 703
  • 已创建
  • 最后回复
转到主题列表