Lucene search
ApacheCVELIST:CVE-2022-22720HistoryMar 14, 2022 - 10:15 a.m.
CVE-2022-22720 HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier
2022-03-1410:15:29
CWE-444
apache
www.cve.org
1
Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling
CNA Affected
[
{
"product": "Apache HTTP Server",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "2.4.52",
"status": "affected",
"version": "Apache HTTP Server 2.4",
"versionType": "custom"
}
]
}
]References
seclists.org/fulldisclosure/2022/May/33
seclists.org/fulldisclosure/2022/May/35
seclists.org/fulldisclosure/2022/May/38
www.openwall.com/lists/oss-security/2022/03/14/3
httpd.apache.org/security/vulnerabilities_24.html
lists.debian.org/debian-lts-announce/2022/03/msg00033.html
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/
security.gentoo.org/glsa/202208-20
security.netapp.com/advisory/ntap-20220321-0001/
support.apple.com/kb/HT213255
support.apple.com/kb/HT213256
support.apple.com/kb/HT213257
www.oracle.com/security-alerts/cpuapr2022.html
www.oracle.com/security-alerts/cpujul2022.html
Related
oraclelinux
oraclelinux
httpd security update
2022-03-24 00:00:00
httpd security update
2022-03-31 00:00:00
httpd:2.4 security update
2022-03-25 00:00:00
redhat
redhat
(RHSA-2022:1075) Important: httpd24-httpd security update
2022-03-28 09:02:53
(RHSA-2022:1072) Important: httpd:2.4 security update
2022-03-28 08:51:50
(RHSA-2022:1080) Important: httpd:2.4 security update
2022-03-28 10:33:53
nessus
nessus
RHEL 8 : httpd:2.4 (RHSA-2022:1102)
2022-04-01 00:00:00
CentOS 7 : httpd (CESA-2022:1045)
2022-03-29 00:00:00
RHEL 7 : httpd (RHSA-2022:1045)
2022-03-24 00:00:00
prion
prion
Design/Logic Flaw
2022-03-14 11:15:00
osv
osv
Important: httpd:2.4 security update
2022-03-24 10:44:04
CVE-2022-22720
2022-03-14 11:15:09
Important: httpd:2.4 security update
2022-03-24 10:44:04
nvd
nvd
CVE-2022-22720
2022-03-14 11:15:09
f5
f5
K67090077 : Apache HTTP Server vulnerability CVE-2022-22720
2022-05-13 00:00:00
redhatcve
redhatcve
CVE-2022-22720
2022-03-15 14:43:48
openvas
openvas
CentOS: Security Advisory for httpd (CESA-2022:1045)
2022-03-30 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:14924-1)
2022-03-22 00:00:00
Mageia: Security Advisory (MGASA-2022-0105)
2022-03-22 00:00:00
ibm
ibm
Security Bulletin: IBM Rational Build Forge is vulnerable to HTTP request smuggling due to use of Apache HTTP server CVE-2022-22720
2022-07-21 05:31:40
ubuntucve
ubuntucve
CVE-2022-22720
2022-03-14 00:00:00
debiancve
debiancve
CVE-2022-22720
2022-03-14 11:15:09
alpinelinux
alpinelinux
CVE-2022-22720
2022-03-14 11:15:09
cbl_mariner
cbl_mariner
CVE-2022-22720 affecting package httpd for versions less than 2.4.53-1
2022-04-26 19:57:38
CVE-2022-22720 affecting package httpd 2.4.52-1
2022-04-07 06:04:02
centos
centos
httpd, mod_ldap, mod_proxy_html, mod_session, mod_ssl security update
2022-03-29 13:35:36
almalinux
almalinux
Important: httpd:2.4 security update
2022-03-24 10:44:04
httpd
httpd
rocky
rocky
httpd:2.4 security update
2022-03-24 10:44:04
cve
cve
CVE-2022-22720
2022-03-14 11:15:09
veracode
veracode
HTTP Request Smuggling
2022-03-15 10:13:11
cloudlinux
cloudlinux
Fix of CVE: CVE-2022-22721, CVE-2022-22720
2022-03-24 15:36:17
altlinux
altlinux
Security fix for the ALT Linux 10 package apache2 version 1:2.4.53-alt1
2022-03-25 00:00:00
Security fix for the ALT Linux 9 package apache2 version 1:2.4.53-alt1
2022-03-29 00:00:00
amazon
amazon
Important: httpd
2022-04-25 22:57:00
Important: httpd24
2022-04-26 17:12:00
redos
redos
ROS-20220317-01
2022-03-17 00:00:00
mageia
mageia
Updated apache packages fix security vulnerability
2022-03-21 23:18:30
ubuntu
ubuntu
Apache HTTP Server vulnerabilities
2022-03-17 00:00:00
Apache HTTP Server vulnerabilities
2022-03-17 00:00:00
kaspersky
kaspersky
KLA12485 Multiple vulnerabilities in Apache HTTP Server
2022-03-14 00:00:00
slackware
slackware
[slackware-security] httpd
2022-03-15 01:06:06
suse
suse
Security update for apache2 (important)
2022-03-29 00:00:00
debian
debian
[SECURITY] [DLA 2960-1] apache2 security update
2022-03-22 07:32:37
freebsd
freebsd
Apache httpd -- Multiple vulnerabilities
2022-03-14 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2022-0455
2022-03-25 00:00:00
Critical Photon OS Security Update - PHSA-2022-0166
2022-03-25 00:00:00
Critical Photon OS Security Update - PHSA-2022-4.0-0166
2022-03-25 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: httpd-2.4.53-1.fc35
2022-03-22 03:44:42
[SECURITY] Fedora 34 Update: httpd-2.4.53-1.fc34
2022-03-25 22:06:50
[SECURITY] Fedora 36 Update: httpd-2.4.53-1.fc36
2022-03-26 15:55:33
thn
thn
rosalinux
rosalinux
Advisory ROSA-SA-2023-2158
2023-04-25 11:30:17
Advisory ROSA-SA-2023-2160
2023-04-25 12:02:31
ics
ics
Mitsubishi Electric MELSOFT iQ AppPortal
2022-05-12 12:00:00
gentoo
gentoo
Apache HTTPD: Multiple Vulnerabilities
2022-08-14 00:00:00
apple
apple
About the security content of Security Update 2022-004 Catalina
2022-05-16 00:00:00
About the security content of macOS Big Sur 11.6.6
2022-05-16 00:00:00
About the security content of macOS Monterey 12.4
2022-05-16 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - October 2022
2022-10-18 00:00:00
Oracle Critical Patch Update Advisory - July 2022
2022-07-19 00:00:00
Oracle Critical Patch Update Advisory - April 2022
2022-04-19 00:00:00