vulnerability

Red Hat: CVE-2022-22720: CVE-2022-22720 httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling (Multiple Advisories)

Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Mar 14, 2022
Added
Mar 25, 2022
Modified
Dec 15, 2023

Description

Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling

Solution(s)

redhat-upgrade-httpdredhat-upgrade-httpd-debuginforedhat-upgrade-httpd-debugsourceredhat-upgrade-httpd-develredhat-upgrade-httpd-filesystemredhat-upgrade-httpd-manualredhat-upgrade-httpd-toolsredhat-upgrade-httpd-tools-debuginforedhat-upgrade-mod_http2redhat-upgrade-mod_http2-debuginforedhat-upgrade-mod_http2-debugsourceredhat-upgrade-mod_ldapredhat-upgrade-mod_ldap-debuginforedhat-upgrade-mod_mdredhat-upgrade-mod_md-debuginforedhat-upgrade-mod_md-debugsourceredhat-upgrade-mod_proxy_htmlredhat-upgrade-mod_proxy_html-debuginforedhat-upgrade-mod_sessionredhat-upgrade-mod_session-debuginforedhat-upgrade-mod_sslredhat-upgrade-mod_ssl-debuginfo
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.