A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published: 2021-08-16T00:00:00

Updated: 2024-08-03T23:42:20.253Z

Reserved: 2021-05-19T00:00:00

Link: CVE-2021-33193

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-08-16T08:15:11.480

Modified: 2024-11-21T06:08:29.210

Link: CVE-2021-33193

cve-icon Redhat

Severity : Moderate

Publid Date: 2021-08-05T00:00:00Z

Links: CVE-2021-33193 - Bugzilla