Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2021-33193

Опубликовано: 16 авг. 2021
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5
CVSS3: 7.5

Описание

A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.

РелизСтатусПримечание
bionic

released

2.4.29-1ubuntu4.17
devel

released

2.4.48-3.1ubuntu2
esm-infra-legacy/trusty

not-affected

code not present
esm-infra/bionic

not-affected

2.4.29-1ubuntu4.17
esm-infra/focal

not-affected

2.4.41-4ubuntu3.5
esm-infra/xenial

not-affected

http2 disabled in xenial
focal

released

2.4.41-4ubuntu3.5
hirsute

released

2.4.46-4ubuntu1.2
impish

released

2.4.48-3.1ubuntu2
jammy

released

2.4.48-3.1ubuntu2

Показывать по

Ссылки на источники

EPSS

Процентиль: 76%
0.01033
Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2021-33193

CVSS3: 7.5
redhat
почти 4 года назад

A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.

nvd логотип

CVE-2021-33193

CVSS3: 7.5
nvd
почти 4 года назад

A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.

debian логотип

CVE-2021-33193

CVSS3: 7.5
debian
почти 4 года назад

A crafted method sent through HTTP/2 will bypass validation and be for ...

suse-cvrf логотип

openSUSE-SU-2021:2954-1

suse-cvrf
почти 4 года назад

Security update for apache2

suse-cvrf логотип

openSUSE-SU-2021:1234-1

suse-cvrf
почти 4 года назад

Security update for apache2

EPSS

Процентиль: 76%
0.01033
Низкий

5 Medium

CVSS2

7.5 High

CVSS3