CVE-2024-32638 | Apache APISIX 3.8.0/3.9.0 forward-auth Plugin request smuggling

Posted by Angelo Barbosa | May 2, 2024 | CVE

A vulnerability classified as critical was found in Apache APISIX 3.8.0/3.9.0. Affected by this vulnerability is an unknown functionality of the component forward-auth Plugin. The manipulation leads to http request smuggling.

This vulnerability is known as CVE-2024-32638. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-32638 | Apache APISIX 3.8.0/3.9.0 forward-auth Plugin request smuggling

Related Posts

CVE-2021-38938 | IBM Host Access Transformation Services up to 9.6.1.4/9.7.0.3 insufficiently protected credentials (XFDB-210989)

CVE-2024-24130 | Mail2World v12 Business Control Center resellercenter/login.asp Usr cross site scripting

CVE-2024-5657 | Born05 Two-Factor Authentication Plugin 3.3.1/3.3.2/3.3.3 on CraftCMS TOTP insufficiently protected credentials

CVE-2024-6893 | Journyx jtime 11.5.4 API soap_cgi.pyc xml external entity reference