Lucene search
GoogleOSV:ALSA-2023:1670HistoryApr 06, 2023 - 12:00 a.m.
Important: httpd and mod_http2 security update
2023-04-0600:00:00
Google
osv.dev
21
httpd
mod_http2
security
update
cve-2023-25690
web server
package
fix
http request splitting
mod_rewrite
mod_proxy
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.7
Confidence
High
EPSS
0.01
Percentile
84.3%
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
- httpd: HTTP request splitting with mod_rewrite and mod_proxy (CVE-2023-25690)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Related
nessus
nessus
RHEL 8 : httpd:2.4 (RHSA-2023:1673)
2023-04-06 00:00:00
CentOS 9 : mod_http2-1.15.19-5.el9
2024-02-29 00:00:00
CBL Mariner 2.0 Security Update: httpd (CVE-2023-25690)
2023-03-28 00:00:00
debiancve
debiancve
CVE-2023-25690
2023-03-07 16:15:09
oraclelinux
oraclelinux
httpd security update
2023-04-05 00:00:00
httpd and mod_http2 security update
2023-04-06 00:00:00
httpd:2.4 security update
2023-04-07 00:00:00
veracode
veracode
HTTP Request Smuggling
2023-03-11 00:19:43
prion
prion
Design/Logic Flaw
2023-03-07 16:15:00
osv
osv
Important: httpd and mod_http2 security update
2023-04-12 01:41:37
CVE-2023-25690
2023-03-07 16:15:09
BIT-apache-2023-25690
2024-03-06 10:51:16
cvelist
cvelist
ibm
ibm
almalinux
almalinux
Important: httpd and mod_http2 security update
2023-04-06 00:00:00
Important: httpd:2.4 security update
2023-04-06 00:00:00
nvd
nvd
CVE-2023-25690
2023-03-07 16:15:09
cbl_mariner
cbl_mariner
CVE-2023-25690 affecting package httpd 2.4.55-1
2023-04-07 04:59:28
CVE-2023-25690 affecting package httpd for versions less than 2.4.56-1
2023-03-24 23:56:03
f5
f5
K000133098 : Apache vulnerability CVE-2023-25690
2023-03-22 00:00:00
ubuntucve
ubuntucve
CVE-2023-25690
2023-03-07 00:00:00
redhatcve
redhatcve
CVE-2023-25690
2023-03-07 16:30:07
redhat
redhat
(RHSA-2023:1916) Important: httpd and mod_http2 security update
2023-04-20 13:36:11
(RHSA-2023:1670) Important: httpd and mod_http2 security update
2023-04-06 14:39:22
(RHSA-2023:3292) Important: httpd24-httpd security update
2023-05-24 08:44:51
alpinelinux
alpinelinux
CVE-2023-25690
2023-03-07 16:15:09
openvas
openvas
Ubuntu: Security Advisory (USN-5942-2)
2023-03-23 00:00:00
rocky
rocky
httpd bug fix update
2023-05-25 19:53:09
2.4 bug fix update
2023-05-18 19:17:56
httpd:2.4 security update
2023-04-12 01:40:50
zdt
zdt
Apache 2.4.55 mod_proxy HTTP Request Smuggling Exploit
2024-01-02 00:00:00
githubexploit
githubexploit
Exploit for HTTP Request Smuggling in Apache Http Server
2023-12-04 16:58:53
Exploit for HTTP Request Smuggling in Apache Http Server
2023-05-22 03:06:31
Exploit for HTTP Request Smuggling in Apache Http Server
2024-06-24 22:20:57
packetstorm
packetstorm
Apache 2.4.55 mod_proxy HTTP Request Smuggling
2024-01-02 00:00:00
ubuntu
ubuntu
Apache HTTP Server vulnerability
2023-03-22 00:00:00
Apache HTTP Server vulnerabilities
2023-03-09 00:00:00
cve
cve
CVE-2023-25690
2023-03-07 16:15:09
kaspersky
kaspersky
KLA48513 Multiple vulnerabilities in Apache HTTP Server
2023-03-07 00:00:00
mageia
mageia
Updated apache packages fix security vulnerability
2023-03-19 01:16:28
debian
debian
[SECURITY] [DLA 3401-1] apache2 security update
2023-04-24 21:25:54
[SECURITY] [DSA 5376-1] apache2 security update
2023-03-20 18:52:17
fedora
fedora
[SECURITY] Fedora 37 Update: httpd-2.4.56-1.fc37
2023-03-11 04:29:50
[SECURITY] Fedora 38 Update: httpd-2.4.56-1.fc38
2023-03-18 00:24:30
[SECURITY] Fedora 36 Update: httpd-2.4.56-1.fc36
2023-03-25 02:04:42
redos
redos
ROS-20230420-01
2023-04-20 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package apache2 version 1:2.4.56-alt1
2023-03-17 00:00:00
slackware
slackware
[slackware-security] httpd
2023-03-08 20:30:50
amazon
amazon
Important: httpd
2023-03-17 16:34:00
Important: httpd24
2023-03-17 15:53:00
attackerkb
attackerkb
CVE-2023-25690
2023-03-07 00:00:00
freebsd
freebsd
Apache httpd -- Multiple vulnerabilities
2023-03-08 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2023-3.0-0562
2023-04-05 00:00:00
Critical Photon OS Security Update - PHSA-2023-4.0-0370
2023-04-05 00:00:00
adobe
adobe
APSB23-43 : Security update available for Adobe Experience Manager
2023-09-12 00:00:00
APSB23-31 : Security update available for Adobe Experience Manager
2023-06-13 00:00:00
APSB24-21 : Security update available for Adobe Experience Manager
2024-04-09 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2155
2023-04-18 12:09:43
Advisory ROSA-SA-2023-2158
2023-04-25 11:30:17
Advisory ROSA-SA-2023-2161
2023-05-03 11:17:19
gentoo
gentoo
Apache HTTPD: Multiple Vulnerabilities
2023-09-08 00:00:00
qualysblog
qualysblog
Oracle Patch Tuesday, July 2023 Security Update Review
2023-07-19 15:56:06
hp
hp
HP Device Manager Security Updates
2023-04-13 00:00:00
ics
ics
North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regimeβs Military and Nuclear Programs
2024-07-25 12:00:00
Siemens SINEC NMS
2024-02-15 12:00:00
Siemens SCALANCE XCM-/XRM-300
2024-02-15 12:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - October 2023
2023-10-17 00:00:00
Oracle Critical Patch Update Advisory - July 2023
2023-07-18 00:00:00
Oracle Critical Patch Update Advisory - April 2023
2023-04-18 00:00:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.7
Confidence
High
EPSS
0.01
Percentile
84.3%
Related for OSV:ALSA-2023:1670