Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published:

Updated: 2024-08-03T03:21:48.980Z

Reserved: 2022-01-06T00:00:00

Link: CVE-2022-22720

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-03-14T11:15:09.083

Modified: 2024-11-21T06:47:18.963

Link: CVE-2022-22720

cve-icon Redhat

Severity : Important

Publid Date: 2022-03-14T00:00:00Z

Links: CVE-2022-22720 - Bugzilla

cve-icon OpenCVE Enrichment

No data.