Launchpad CVE tracker

CVE 2022-31813

Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application.

Related bugs and status

CVE-2022-31813 (Candidate) is related to these bugs:

Bug #1985885: Debian: CVE-2022-28615 / CVE-2022-29404 / CVE-2022-30522 / CVE-2022-31813: apache2: A flaw was found in the mod_proxy module of httpd

Summary				In	Importance	Status
	1985885	Debian: CVE-2022-28615 / CVE-2022-29404 / CVE-2022-30522 / CVE-2022-31813: apache2: A flaw was found in the mod_proxy module of httpd		StarlingX	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2022-31813

References