Description
A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.
Remediation
References
Related Vulnerabilities
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-35480)
MySQL CVE-2022-21314 Vulnerability (CVE-2022-21314)
WordPress Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2007-6013)
WordPress Plugin WP-Table Reloaded Cross-Site Scripting (1.9.3)