Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2021-33193

Опубликовано: 16 авг. 2021
Источник: ubuntu
Приоритет: medium
CVSS2: 5
CVSS3: 7.5

Описание

A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.

РелизСтатусПримечание
bionic

released

2.4.29-1ubuntu4.17
devel

released

2.4.48-3.1ubuntu2
esm-infra-legacy/trusty

not-affected

code not present
esm-infra/bionic

released

2.4.29-1ubuntu4.17
esm-infra/focal

released

2.4.41-4ubuntu3.5
esm-infra/xenial

not-affected

http2 disabled in xenial
focal

released

2.4.41-4ubuntu3.5
hirsute

released

2.4.46-4ubuntu1.2
impish

released

2.4.48-3.1ubuntu2
jammy

released

2.4.48-3.1ubuntu2

Показывать по

Ссылки на источники

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2021-33193

CVSS3: 7.5
redhat
больше 4 лет назад

A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.

nvd логотип

CVE-2021-33193

CVSS3: 7.5
nvd
больше 4 лет назад

A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.

msrc логотип

CVE-2021-33193

CVSS3: 7.5
msrc
больше 4 лет назад

Request splitting via HTTP/2 method injection and mod_proxy

debian логотип

CVE-2021-33193

CVSS3: 7.5
debian
больше 4 лет назад

A crafted method sent through HTTP/2 will bypass validation and be for ...

suse-cvrf логотип

openSUSE-SU-2021:2954-1

suse-cvrf
около 4 лет назад

Security update for apache2

5 Medium

CVSS2

7.5 High

CVSS3