Date: Mon, 14 Mar 2022 10:08:35 +0000 From: Stefan Eissing <icing@...che.org> To: oss-security@...ts.openwall.com Subject: CVE-2022-22720: HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier Severity: important Description: Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling Credit: James Kettle <james.kettle portswigger.net>
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.