Unrated severityNVD Advisory· Published Jun 30, 2021· Updated Aug 3, 2024
Reading HTTP/2 frames too many times
CVE-2021-32567
Description
Improper Input Validation vulnerability in HTTP/2 of Apache Traffic Server allows an attacker to DOS the server. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1.
Affected products
27.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1+ 1 more
- (no CPE)range: 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1
- (no CPE)range: Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1
Patches
Vulnerability mechanics
References
2- www.debian.org/security/2021/dsa-4957mitrevendor-advisoryx_refsource_DEBIAN
- lists.apache.org/thread.html/ra1a41ff92a70d25bf576d7da2590575e8ff430393a3f4a0c34de4277%40%3Cusers.trafficserver.apache.org%3Emitrex_refsource_MISC
News mentions
0No linked articles in our index yet.