CVE-2022-22720

Опубликовано: 14 мар. 2022

Источник: ubuntu

Приоритет: medium

EPSS Средний

CVSS2: 7.5

CVSS3: 9.8

Описание

Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling

Релиз	Статус	Примечание
bionic	released	2.4.29-1ubuntu4.22
devel	released	2.4.52-1ubuntu2
esm-infra-legacy/trusty	released	2.4.7-1ubuntu4.22+esm4
esm-infra/bionic	released	2.4.29-1ubuntu4.22
esm-infra/focal	released	2.4.41-4ubuntu3.10
esm-infra/xenial	released	2.4.18-2ubuntu3.17+esm5
focal	released	2.4.41-4ubuntu3.10
impish	released	2.4.48-3.1ubuntu3.3
jammy	released	2.4.52-1ubuntu2
trusty	ignored	end of standard support

Показывать по

Ссылки на источники

EPSS

Процентиль: 97%

0.33369

Средний

7.5 High

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

CVE-2022-22720

CVSS3: 8.3

redhat

почти 4 года назад

Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling

CVE-2022-22720

CVSS3: 9.8

nvd

почти 4 года назад

Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling

CVE-2022-22720

CVSS3: 9.8

msrc

почти 4 года назад

HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier

CVE-2022-22720

CVSS3: 9.8

debian

почти 4 года назад

Apache HTTP Server 2.4.52 and earlier fails to close inbound connectio ...

RLSA-2022:1049

rocky

почти 4 года назад

Important: httpd:2.4 security update

EPSS

Процентиль: 97%

0.33369

Средний

7.5 High

CVSS2

9.8 Critical

CVSS3

CVE-2022-22720

Описание

Пакет apache2

Ссылки на источники

Связанные уязвимости