CVE-2022-37436

Advisory lineage Upstream: 0 Downstream: 17

Downstream

ALPINE-CVE-2022-37436 DEBIAN-CVE-2022-37436 DLA-3351-1 DSA-5376-1 MGASA-2023-0032 OPENSUSE-SU-2024:12635-1

Modified

Published: 17 Jan 2023, 19:12

Last modified:04 Apr 2025, 18:06

Vulnerability Summary

Overall Risk (default)

low

21/100

CVSS Score

5.3 MEDIUM

v3.1 (cve.org)

EPSS Score

0.54% LOW

1% probability +0.03%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

17 Jan 2023, 19:12

Published

Vulnerability first disclosed

04 Apr 2025, 18:06

Last Modified

Vulnerability information updated

Description

Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the client.

CVSS Metrics

v3.1•MEDIUM•Score: 5.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

EPSS Trends

Current EPSS score: 0.54%• Percentile: 68%

Techniques & Countermeasures

CWE-113•Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')
The product receives data from an HTTP agent/component (e.g., web server, proxy, browser, etc.), but it does not neutralize or incorrectly neutralizes CR and LF characters before the data is included in outgoing HTTP headers.
CWE-436•Interpretation Conflict
Product A handles inputs or steps differently than Product B, which causes A to perform incorrect actions based on its perception of B's state.

Affected Systems

apache software foundation•apache http server
< 2.4.55
Unknown•HTTP Server
< 2.4.55