Launchpad CVE tracker

CVE 2022-37436

Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the client.

Related bugs and status

CVE-2022-37436 (Candidate) is related to these bugs:

Bug #2012865: [Debian] CVE: CVE-2006-20001/CVE-2023-25690/CVE-2022-36760/CVE-2022-37436/CVE-2023-27522: apache2: multi CVEs

Summary				In	Importance	Status
	2012865	[Debian] CVE: CVE-2006-20001/CVE-2023-25690/CVE-2022-36760/CVE-2022-37436/CVE-2023-27522: apache2: multi CVEs		StarlingX	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://httpd.apache.o...
GENTOO: GLSA-202309-01

Launchpad.net

CVE 2022-37436

Related bugs and status

Related bugs

References