Launchpad.net

CVE 2022-22720

Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling

Related bugs and status

CVE-2022-22720 (Candidate) is related to these bugs:

Bug #1960765: CVE-2021-26691 / CVE-2021-39275 / CVE-2021-44790: apache / httpd multiple CVEs

Summary				In	Importance	Status
	1960765	CVE-2021-26691 / CVE-2021-39275 / CVE-2021-44790: apache / httpd multiple CVEs		StarlingX	Medium	Fix Released

Bug #1969363: CVE-2022-22720: httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling

Summary				In	Importance	Status
	1969363	CVE-2022-22720: httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling		StarlingX	Medium	Fix Released

Bug #1971248: Merge apache2 from Debian unstable for kinetic

Summary				In	Importance	Status
	1971248	Merge apache2 from Debian unstable for kinetic		apache2 (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2022-22720

Related bugs and status

Related bugs

References