Oracle HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2022-22720)

Description

Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling

Remediation

References

CVE-2022-22720

Related Vulnerabilities

WordPress 4.3.x Possible SQL Injection Vulnerability (4.3 - 4.3.12)

PHP Improper Input Validation Vulnerability (CVE-2007-4783)

Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-15700)

Squid Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-18677)

XWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2023-34466)

Severity

Critical

Classification

CVE-2022-22720 CWE-444 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H