VYPR
Unrated severityNVD Advisory· Published Jun 29, 2021· Updated Aug 3, 2024

Incorrect handling of url fragment leads to cache poisoning

CVE-2021-27577

Description

Incorrect handling of url fragment vulnerability of Apache Traffic Server allows an attacker to poison the cache. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1.

Affected products

2
  • Apache/Traffic Serverllm-fuzzy2 versions
    7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1+ 1 more
    • (no CPE)range: 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1
    • (no CPE)range: Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.