HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack.
Users are recommended to upgrade to version 2.4.59, which fixes this issue.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
History
30 Jun 2025, 12:55
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:* cpe:2.3:o:broadcom:fabric_operating_system:-:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:* cpe:2.3:a:netapp:ontap_tools:10:*:*:*:*:vmware_vsphere:*:* cpe:2.3:a:netapp:ontap:9:*:*:*:*:*:*:* cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:* |
|
First Time |
Broadcom
Netapp ontap Tools Netapp ontap Debian Apple Fedoraproject fedora Apache http Server Broadcom fabric Operating System Apple macos Debian debian Linux Fedoraproject Netapp Apache |
|
References | () https://httpd.apache.org/security/vulnerabilities_24.html - Release Notes, Vendor Advisory | |
References | () http://seclists.org/fulldisclosure/2024/Jul/18 - Mailing List | |
References | () http://www.openwall.com/lists/oss-security/2024/04/04/5 - Mailing List | |
References | () https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html - Mailing List, Third Party Advisory | |
References | () https://lists.debian.org/debian-lts-announce/2024/05/msg00014.html - Mailing List, Third Party Advisory | |
References | () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I2N2NZEX3MR64IWSGL3QGN7KSRUGAEMF/ - Third Party Advisory | |
References | () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LX5U34KYGDYPRH3AJ6MDDCBJDWDPXNVJ/ - Third Party Advisory | |
References | () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WNV4SZAPVS43DZWNFU7XBYYOZEZMI4ZC/ - Third Party Advisory | |
References | () https://security.netapp.com/advisory/ntap-20240415-0013/ - Third Party Advisory | |
References | () https://support.apple.com/kb/HT214119 - Third Party Advisory |
21 Nov 2024, 08:59
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
References | () https://httpd.apache.org/security/vulnerabilities_24.html - |
12 Nov 2024, 20:35
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-444 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.3 |
03 Oct 2024, 13:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
CWE | CWE-113 |
30 Jul 2024, 02:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
29 Jul 2024, 22:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
10 Jun 2024, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
10 Jun 2024, 17:16
Type | Values Removed | Values Added |
---|---|---|
References |
|
04 May 2024, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
03 May 2024, 03:16
Type | Values Removed | Values Added |
---|---|---|
References |
|
01 May 2024, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
19 Apr 2024, 23:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
05 Apr 2024, 12:40
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
04 Apr 2024, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-04-04 20:15
Updated : 2025-06-30 12:55
NVD link : CVE-2024-24795
Mitre link : CVE-2024-24795
CVE.ORG link : CVE-2024-24795
JSON object : View
Products Affected
apple
- macos
netapp
- ontap
- ontap_tools
apache
- http_server
debian
- debian_linux
broadcom
- fabric_operating_system
fedoraproject
- fedora