- Home
- CVEs with nessus.description==Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in any chain of proxies or interacts with back-end application servers, either through mod_proxy or using conventional CGI mechanisms, and may result in request smuggling, response splitting and cache pollution. (CVE-2016-8743)
Impact
An attacker may be able to perform HTTP request smuggling through specially crafted HTTP requests. For more information about HTTP request smuggling, refer to Section 9.5 Request Smuggling of Internet Engineering Task Force (RFC 7230).
Note : This link takes you to a resource outside of AskF5. The third party could remove the document without our knowledge.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top