Bug 2442889 (CVE-2026-3234) - CVE-2026-3234 mod_proxy_cluster: apache mod_proxy_cluster: Response body corruption via CRLF injection
Keywords:
Status: NEW
Alias: CVE-2026-3234
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: low
Severity: low
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On: 2442892
Blocks:
Reported: 2026-02-26 00:19 UTC by OSIDB Bzimport
Modified: 2026-03-04 23:40 UTC
CC List: 6 users

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:



Description OSIDB Bzimport 2026-02-26 00:19:37 UTC
CRLF injection in Apache mod_proxy_cluster's decodeenc() function allows attackers to bypass input validation and inject CRLF sequences into cluster configuration, resulting in response body corruption in INFO endpoint responses.

Exploit requires network access to the MCMP protocol port (typically port 6666, usually restricted to internal/management networks). No authentication required due to validation bypass. Attacker must be able to send MCMP CONFIG messages.

