2May
CVE-2024-32638 | Apache APISIX 3.8.0/3.9.0 forward-auth Plugin request smuggling
A vulnerability classified as critical was found in Apache APISIX 3.8.0/3.9.0. Affected by this vulnerability is an unknown functionality of the component forward-auth Plugin. The manipulation leads to http request smuggling. This vulnerability is known as CVE-2024-32638. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.