- Home
- CVEs with nessus.description==Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was
liberal in the whitespace accepted from requests and sent in response
lines and headers. Accepting these different behaviors represented a
security concern when httpd participates in any chain of proxies or
interacts with back-end application servers, either through mod_proxy
or using conventional CGI mechanisms, and may result in request
smuggling, response splitting and cache pollution. (CVE-2016-8743)
Impact
An attacker may be able to perform HTTP request smuggling through
specially crafted HTTP requests. For more information about HTTP
request smuggling, refer to Section 9.5 Request Smuggling of Internet
Engineering Task Force (RFC 7230).
Note : This link takes you to a resource outside of AskF5. The third
party could remove the document without our knowledge.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top