CLSA-2022-1656447241
See a problem?- Import Source
- https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2022-1656447241.json
- JSON Data
- https://api.osv.dev/v1/vulns/CLSA-2022-1656447241
- Upstream
- Published
- 2022-06-28T20:14:01Z
- Modified
- 2026-06-01T00:32:16.811472921Z
- Summary
- Fixed CVEs in httpd: CVE-2022-31813, CVE-2022-28615, CVE-2022-26377
- Details
-
- CVE-2022-26377: modproxyajp: fix HTTP request smuggling
- CVE-2022-28615: fix possible out-of-bounds read in apstrcmpmatch()
- CVE-2022-31813: mod_proxy: preserve original request headers so an upstream knows what the original request hostname was, and so send X-Forwarded-* headers correctly
- References
Affected packages
TuxCare:CentOS:6 / httpd
Package
- Name
- httpd
- Purl
- pkg:rpm/tuxcare/httpd?distro=centos-6
TuxCare:CentOS:6 / httpd-devel
Package
- Name
- httpd-devel
- Purl
- pkg:rpm/tuxcare/httpd-devel?distro=centos-6
TuxCare:CentOS:6 / httpd-manual
Package
- Name
- httpd-manual
- Purl
- pkg:rpm/tuxcare/httpd-manual?distro=centos-6
TuxCare:CentOS:6 / httpd-tools
Package
- Name
- httpd-tools
- Purl
- pkg:rpm/tuxcare/httpd-tools?distro=centos-6