0.004 Low
EPSS
Percentile
73.6%
It was found that Apache was vulnerable to a HTTP response splitting attack for sites which use mod_userdir. An attacker could use this flaw to inject CRLF characters into the HTTP header and could possibly gain access to secure data.
bugzilla.redhat.com/show_bug.cgi?id=1375968
www.cve.org/CVERecord?id=CVE-2016-4975 https://nvd.nist.gov/vuln/detail/CVE-2016-4975 https://httpd.apache.org/security/vulnerabilities_22.html#CVE-2016-4975 https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2016-4975