Description

Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.54 and prior versions.

Remediation

References

CVE-2022-36760

Related Vulnerabilities

DOMPurify Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-26870)

Oracle Database Server CVE-2006-3705 Vulnerability (CVE-2006-3705)

PostgreSQL Other Vulnerability (CVE-2002-0802)

WordPress Plugin Coditor-Code Editor Security Bypass (1.1)

PHP Use After Free Vulnerability (CVE-2015-6831)

Severity

Critical

Classification

CVE-2022-36760 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities