CVE-2021-37147

Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.1.0.
References
Link Resource
https://lists.apache.org/thread/k01797hyncx53659wr3o72s5cvkc3164 Mailing List Patch Vendor Advisory
https://www.debian.org/security/2022/dsa-5153 Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*
cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

Information

Published : 2021-11-03 09:15

Updated : 2022-10-14 04:56


NVD link : CVE-2021-37147

Mitre link : CVE-2021-37147


JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa

Products Affected

debian

  • debian_linux

apache

  • traffic_server