​
DirectorySecurity Advisories
Sign In
Security Advisories

CVE-2022-41721

Published

Last updated

https://nvd.nist.gov/vuln/detail/CVE-2022-41721

Severity

7.5

High

CVSS V3

Description

A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be attacker-manipulated to represent arbitrary HTTP2 requests.

References

Affected packages


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images