Description

Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.54 and prior versions.

Remediation

References

CVE-2022-36760

Related Vulnerabilities

MediaWiki CVE-2021-30159 Vulnerability (CVE-2021-30159)

SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17306)

Oracle JRE CVE-2014-0446 Vulnerability (CVE-2014-0446)

Oracle JRE CVE-2013-5778 Vulnerability (CVE-2013-5778)

WordPress Plugin Xllentech English Islamic Calendar SQL Injection (2.6.7)

Severity

Critical

Classification

CVE-2022-36760 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities