[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-24795":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-06T02:55:33.997Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":99,"aliases":100,"duplicate_of":9,"upstream":101,"downstream":102,"duplicates":141,"related":142,"reserved_at":9,"published_at":151,"modified_at":152,"state":153,"summary":154,"references_raw":163,"kevs":210,"epss":211,"epss_history":214,"metrics":478,"affected":486},"CVE-2024-24795","HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack.\n\nUsers are recommended to upgrade to version 2.4.59, which fixes this issue.",null,[11,85],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-113","Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')","The product receives data from an HTTP agent/component (e.g., web server, proxy, browser, etc.), but it does not neutralize or incorrectly neutralizes CR and LF characters before the data is included in outgoing HTTP headers.","weakness","Incomplete","Variant",[19,23,77,81],{"id":20,"name":21,"techniques":22},"CAPEC-105","HTTP Request Splitting",[],{"id":24,"name":25,"techniques":26},"CAPEC-31","Accessing/Intercepting/Modifying HTTP Cookies",[27],{"id":28,"name":29,"tactics":30,"countermeasures":34},"T1539","Steal Web Session Cookie",[31],{"id":32,"name":33},"TA0031","Credential Access",[35,40,45,49,54,59,63,67,72],{"id":36,"name":37,"tactic":38},"D3-CCSA","Credential Compromise Scope Analysis",{"name":39},"Detect",{"id":41,"name":42,"tactic":43},"D3-CR","Credential Revocation",{"name":44},"Evict",{"id":46,"name":47,"tactic":48},"D3-ANCI","Authentication Cache Invalidation",{"name":44},{"id":50,"name":51,"tactic":52},"D3-DUC","Decoy User Credential",{"name":53},"Deceive",{"id":55,"name":56,"tactic":57},"D3-CH","Credential Hardening",{"name":58},"Harden",{"id":60,"name":61,"tactic":62},"D3-MFA","Multi-factor Authentication",{"name":58},{"id":64,"name":65,"tactic":66},"D3-CRO","Credential Rotation",{"name":58},{"id":68,"name":69,"tactic":70},"D3-RIC","Reissue Credential",{"name":71},"Restore",{"id":73,"name":74,"tactic":75},"D3-CTS","Credential Transmission Scoping",{"name":76},"Isolate",{"id":78,"name":79,"techniques":80},"CAPEC-34","HTTP Response Splitting",[],{"id":82,"name":83,"techniques":84},"CAPEC-85","AJAX Footprinting",[],{"_key":86,"id":86,"name":87,"description":88,"type":15,"status":16,"abstraction":89,"likelihood_of_exploit":9,"capec":90},"CWE-444","Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')","The product acts as an intermediary HTTP agent\n         (such as a proxy or firewall) in the data flow between two\n         entities such as a client and server, but it does not\n         interpret malformed HTTP requests or responses in ways that\n         are consistent with how the messages will be processed by\n         those entities that are at the ultimate destination.","Base",[91,95],{"id":92,"name":93,"techniques":94},"CAPEC-273","HTTP Response Smuggling",[],{"id":96,"name":97,"techniques":98},"CAPEC-33","HTTP Request Smuggling",[],[],[],[],[103,105,107,109,111,113,115,117,119,121,123,125,127,129,131,133,135,137,139],{"_key":104},"ALPINE-CVE-2024-24795",{"_key":106},"SUSE-SU-2024:1627-1",{"_key":108},"SUSE-SU-2024:1788-1",{"_key":110},"SUSE-SU-2024:3853-1",{"_key":112},"SUSE-SU-2024:1868-1",{"_key":114},"SUSE-SU-2024:1963-1",{"_key":116},"SUSE-SU-2024:3861-1",{"_key":118},"OPENSUSE-SU-2024:14463-1",{"_key":120},"DLA-3818-1",{"_key":122},"DSA-5662-1",{"_key":124},"MGASA-2024-0118",{"_key":126},"USN-6729-1",{"_key":128},"USN-6729-3",{"_key":130},"DEBIAN-CVE-2024-24795",{"_key":132},"RHSA-2024:9306",{"_key":134},"USN-6729-2",{"_key":136},"UBUNTU-CVE-2024-24795",{"_key":138},"USN-8338-1",{"_key":140},"RHSA-2025:3452",[],[143,144,145,146,147,148,149,150],{"_key":106},{"_key":108},{"_key":110},{"_key":112},{"_key":114},{"_key":116},{"_key":118},{"_key":124},"2024-04-04T19:20:48.803Z","2024-11-12T19:48:20.007Z","Analyzed",{"cisa_kev":155,"cisa_ransomware":155,"cisa_vendor":9,"epss_severity":156,"epss_score":157,"severity":158,"severity_score":159,"severity_version":160,"severity_source":161,"severity_vector":162,"severity_status":153},false,"low",0.01123,"medium",6.3,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",[164,171,177,181,186,190,194,198,202,206],{"url":165,"sources":166,"tags":168},"https://httpd.apache.org/security/vulnerabilities_24.html",[161,167],"nvd",[169,170],"Vendor Advisory","Release Notes",{"url":172,"sources":173,"tags":174},"https://security.netapp.com/advisory/ntap-20240415-0013/",[161,167],[175,176],"X Transferred","Third Party Advisory",{"url":178,"sources":179,"tags":180},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WNV4SZAPVS43DZWNFU7XBYYOZEZMI4ZC/",[161,167],[175,176],{"url":182,"sources":183,"tags":184},"http://www.openwall.com/lists/oss-security/2024/04/04/5",[161,167],[175,185],"Mailing List",{"url":187,"sources":188,"tags":189},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I2N2NZEX3MR64IWSGL3QGN7KSRUGAEMF/",[161,167],[175,176],{"url":191,"sources":192,"tags":193},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LX5U34KYGDYPRH3AJ6MDDCBJDWDPXNVJ/",[161,167],[175,176],{"url":195,"sources":196,"tags":197},"https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html",[161,167],[175,185,176],{"url":199,"sources":200,"tags":201},"https://lists.debian.org/debian-lts-announce/2024/05/msg00014.html",[161,167],[175,185,176],{"url":203,"sources":204,"tags":205},"https://support.apple.com/kb/HT214119",[161,167],[175,176],{"url":207,"sources":208,"tags":209},"http://seclists.org/fulldisclosure/2024/Jul/18",[161,167],[175,185],[],{"date":212,"score":157,"percentile":213},"2026-06-05",0.78634,[215,219,222,225,228,231,234,237,239,241,244,247,250,252,255,259,262,265,268,271,274,277,280,283,286,289,292,294,298,301,303,306,308,311,314,316,319,322,325,328,331,333,335,338,341,344,347,350,352,355,358,361,364,367,371,374,377,380,383,386,389,392,395,398,401,404,407,410,413,416,419,421,424,427,430,433,436,439,442,445,448,451,454,457,460,463,466,468,471,474],{"date":216,"score":217,"percentile":218},"2025-11-04",0.01219,0.78404,{"date":220,"score":217,"percentile":221},"2025-11-05",0.78403,{"date":223,"score":217,"percentile":224},"2025-11-06",0.78398,{"date":226,"score":217,"percentile":227},"2025-11-07",0.78413,{"date":229,"score":217,"percentile":230},"2025-11-08",0.78419,{"date":232,"score":217,"percentile":233},"2025-11-09",0.78414,{"date":235,"score":217,"percentile":236},"2025-11-10",0.78401,{"date":238,"score":217,"percentile":221},"2025-11-11",{"date":240,"score":217,"percentile":230},"2025-11-12",{"date":242,"score":217,"percentile":243},"2025-11-13",0.78428,{"date":245,"score":217,"percentile":246},"2025-11-14",0.78435,{"date":248,"score":217,"percentile":249},"2025-11-15",0.78433,{"date":251,"score":217,"percentile":246},"2025-11-16",{"date":253,"score":217,"percentile":254},"2025-11-17",0.78429,{"date":256,"score":257,"percentile":258},"2025-11-18",0.09849,0.92179,{"date":260,"score":257,"percentile":261},"2025-11-19",0.92183,{"date":263,"score":257,"percentile":264},"2025-11-20",0.92187,{"date":266,"score":217,"percentile":267},"2025-11-21",0.78458,{"date":269,"score":217,"percentile":270},"2025-11-22",0.78459,{"date":272,"score":217,"percentile":273},"2025-11-23",0.78447,{"date":275,"score":217,"percentile":276},"2025-11-24",0.78446,{"date":278,"score":217,"percentile":279},"2025-11-25",0.7845,{"date":281,"score":217,"percentile":282},"2025-11-26",0.78453,{"date":284,"score":217,"percentile":285},"2025-11-27",0.78457,{"date":287,"score":217,"percentile":288},"2025-11-28",0.78449,{"date":290,"score":217,"percentile":291},"2025-11-29",0.78454,{"date":293,"score":217,"percentile":291},"2025-11-30",{"date":295,"score":296,"percentile":297},"2025-12-01",0.0146,0.80342,{"date":299,"score":296,"percentile":300},"2025-12-02",0.80344,{"date":302,"score":296,"percentile":300},"2025-12-03",{"date":304,"score":217,"percentile":305},"2025-12-04",0.78444,{"date":307,"score":217,"percentile":279},"2025-12-05",{"date":309,"score":217,"percentile":310},"2025-12-06",0.78452,{"date":312,"score":217,"percentile":313},"2025-12-07",0.78448,{"date":315,"score":217,"percentile":282},"2025-12-08",{"date":317,"score":217,"percentile":318},"2025-12-09",0.7847,{"date":320,"score":217,"percentile":321},"2025-12-10",0.78493,{"date":323,"score":217,"percentile":324},"2025-12-11",0.78509,{"date":326,"score":217,"percentile":327},"2025-12-12",0.78527,{"date":329,"score":217,"percentile":330},"2025-12-13",0.78528,{"date":332,"score":217,"percentile":327},"2025-12-14",{"date":334,"score":217,"percentile":327},"2025-12-15",{"date":336,"score":217,"percentile":337},"2025-12-16",0.78538,{"date":339,"score":217,"percentile":340},"2025-12-17",0.78546,{"date":342,"score":217,"percentile":343},"2025-12-18",0.78562,{"date":345,"score":217,"percentile":346},"2025-12-19",0.78573,{"date":348,"score":217,"percentile":349},"2025-12-20",0.7857,{"date":351,"score":217,"percentile":343},"2025-12-21",{"date":353,"score":217,"percentile":354},"2025-12-22",0.78565,{"date":356,"score":217,"percentile":357},"2025-12-23",0.78566,{"date":359,"score":217,"percentile":360},"2025-12-24",0.78578,{"date":362,"score":217,"percentile":363},"2025-12-25",0.78599,{"date":365,"score":217,"percentile":366},"2025-12-26",0.78597,{"date":368,"score":369,"percentile":370},"2025-12-27",0.01914,0.82894,{"date":372,"score":217,"percentile":373},"2025-12-28",0.78586,{"date":375,"score":217,"percentile":376},"2025-12-29",0.78581,{"date":378,"score":217,"percentile":379},"2025-12-30",0.78587,{"date":381,"score":217,"percentile":382},"2025-12-31",0.786,{"date":384,"score":296,"percentile":385},"2026-01-01",0.80505,{"date":387,"score":296,"percentile":388},"2026-01-02",0.80503,{"date":390,"score":296,"percentile":391},"2026-01-03",0.80499,{"date":393,"score":217,"percentile":394},"2026-01-04",0.78595,{"date":396,"score":217,"percentile":397},"2026-01-05",0.78591,{"date":399,"score":217,"percentile":400},"2026-01-06",0.78598,{"date":402,"score":217,"percentile":403},"2026-01-07",0.78606,{"date":405,"score":217,"percentile":406},"2026-01-08",0.78614,{"date":408,"score":217,"percentile":409},"2026-01-09",0.78617,{"date":411,"score":217,"percentile":412},"2026-01-10",0.7862,{"date":414,"score":217,"percentile":415},"2026-01-11",0.78613,{"date":417,"score":217,"percentile":418},"2026-01-12",0.78601,{"date":420,"score":217,"percentile":400},"2026-01-13",{"date":422,"score":217,"percentile":423},"2026-01-14",0.78619,{"date":425,"score":217,"percentile":426},"2026-01-15",0.78622,{"date":428,"score":217,"percentile":429},"2026-01-16",0.78628,{"date":431,"score":217,"percentile":432},"2026-01-17",0.78636,{"date":434,"score":217,"percentile":435},"2026-01-18",0.78633,{"date":437,"score":217,"percentile":438},"2026-01-19",0.78632,{"date":440,"score":217,"percentile":441},"2026-01-20",0.78631,{"date":443,"score":217,"percentile":444},"2026-01-21",0.78637,{"date":446,"score":217,"percentile":447},"2026-01-22",0.78645,{"date":449,"score":217,"percentile":450},"2026-01-23",0.78672,{"date":452,"score":217,"percentile":453},"2026-01-24",0.78683,{"date":455,"score":217,"percentile":456},"2026-01-25",0.78678,{"date":458,"score":217,"percentile":459},"2026-01-26",0.78673,{"date":461,"score":217,"percentile":462},"2026-01-27",0.78671,{"date":464,"score":217,"percentile":465},"2026-01-28",0.78677,{"date":467,"score":217,"percentile":450},"2026-01-29",{"date":469,"score":157,"percentile":470},"2026-01-30",0.77845,{"date":472,"score":157,"percentile":473},"2026-01-31",0.77847,{"date":475,"score":476,"percentile":477},"2026-02-01",0.01346,0.79788,[479,484],{"source":161,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":480,"cvss_v4_0":9},{"baseScore":159,"baseSeverity":481,"vectorString":162,"impactScore":482,"exploitabilityScore":483},"MEDIUM",5.7,7.2,{"source":167,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":485,"cvss_v4_0":9},{"baseScore":159,"baseSeverity":481,"vectorString":162,"impactScore":482,"exploitabilityScore":483},[487,499,507,513,521,528,538,544],{"ecosystem":9,"name":488,"vendor":489,"product":490,"cpe_part":491,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":492},"Apache HTTP Server","apache software foundation","apache http server","a",[493],{"version":494,"is_range":495,"range_type":161,"version_start":496,"version_start_type":497,"version_end":498,"version_end_type":497,"fixed_in":9},">= 2.4.0, \u003C= 2.4.58",true,"2.4.0","including","2.4.58",{"ecosystem":9,"name":500,"vendor":9,"product":500,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":501},"HTTP Server",[502],{"version":503,"is_range":495,"range_type":504,"version_start":496,"version_start_type":497,"version_end":505,"version_end_type":506,"fixed_in":9},"gte2.4.0_lt2.4.59","cpe","2.4.59","excluding",{"ecosystem":9,"name":508,"vendor":9,"product":508,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":509},"macOS",[510],{"version":511,"is_range":495,"range_type":504,"version_start":9,"version_start_type":9,"version_end":512,"version_end_type":506,"fixed_in":9},"lt14.6","14.6",{"ecosystem":9,"name":514,"vendor":515,"product":516,"cpe_part":517,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":518},"fabric operating system","broadcom","fabric_operating_system","o",[519],{"version":520,"is_range":155,"range_type":504,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"na",{"ecosystem":9,"name":522,"vendor":523,"product":524,"cpe_part":517,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":525},"debian linux","debian","debian_linux",[526],{"version":527,"is_range":155,"range_type":504,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.0",{"ecosystem":9,"name":529,"vendor":530,"product":529,"cpe_part":517,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":531},"fedora","fedoraproject",[532,534,536],{"version":533,"is_range":155,"range_type":504,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38",{"version":535,"is_range":155,"range_type":504,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"39",{"version":537,"is_range":155,"range_type":504,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"40",{"ecosystem":9,"name":539,"vendor":540,"product":539,"cpe_part":491,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":541},"ontap","netapp",[542],{"version":543,"is_range":155,"range_type":504,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9",{"ecosystem":9,"name":545,"vendor":540,"product":546,"cpe_part":491,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":547},"ontap tools","ontap_tools",[548],{"version":549,"is_range":155,"range_type":504,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10"]