CVE-2021-37149

Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.1.0.
References
Link Resource
https://lists.apache.org/thread/k01797hyncx53659wr3o72s5cvkc3164 Mailing List Patch Vendor Advisory
https://www.debian.org/security/2022/dsa-5153 Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*
cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

Information

Published : 2021-11-03 09:15

Updated : 2022-10-14 04:51


NVD link : CVE-2021-37149

Mitre link : CVE-2021-37149


JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa

Products Affected

debian

  • debian_linux

apache

  • traffic_server