A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Http_server | Apache | 2.4.17 (including) | 2.4.48 (including) |