CVE Database · CVE-2013-5704
CVSS v3.1
N/A
EPSS
60.20%
Published
Apr 15, 2014
Modified
May 6, 2026
Public PoC / Exploit (1)
All weaponized →Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such."
Affected Products (76)
References (20)
...and 26 more
