CVE-2022-22720

Опубликовано: 14 мар. 2022

Источник: ubuntu

Приоритет: medium

CVSS2: 7.5

CVSS3: 9.8

Описание

Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling

Релиз	Статус	Примечание
bionic	released	2.4.29-1ubuntu4.22
devel	released	2.4.52-1ubuntu2
esm-infra-legacy/trusty	not-affected	2.4.7-1ubuntu4.22+esm4
esm-infra/bionic	not-affected	2.4.29-1ubuntu4.22
esm-infra/focal	not-affected	2.4.41-4ubuntu3.10
esm-infra/xenial	released	2.4.18-2ubuntu3.17+esm5
focal	released	2.4.41-4ubuntu3.10
impish	released	2.4.48-3.1ubuntu3.3
jammy	released	2.4.52-1ubuntu2
trusty	ignored	end of standard support

Показывать по

Ссылки на источники

7.5 High

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

CVE-2022-22720

CVSS3: 8.3

redhat

больше 3 лет назад

Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling

CVE-2022-22720

CVSS3: 9.8

nvd

больше 3 лет назад

Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling

CVE-2022-22720

CVSS3: 9.8

msrc

больше 3 лет назад

Описание отсутствует

CVE-2022-22720

CVSS3: 9.8

debian

больше 3 лет назад

Apache HTTP Server 2.4.52 and earlier fails to close inbound connectio ...

RLSA-2022:1049

rocky

около 3 лет назад

Important: httpd:2.4 security update

7.5 High

CVSS2

9.8 Critical

CVSS3

CVE-2022-22720

Описание

Пакет apache2

Ссылки на источники

Связанные уязвимости