VYPR
Unrated severityNVD Advisory· Published Nov 3, 2021· Updated Aug 4, 2024

Request Smuggling - LF line ending

CVE-2021-37147

Description

Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.1.0.

Affected products

2
  • Apache/Traffic Serverllm-fuzzy2 versions
    >=8.0.0 <=8.1.2, >=9.0.0 <=9.1.0+ 1 more
    • (no CPE)range: >=8.0.0 <=8.1.2, >=9.0.0 <=9.1.0
    • (no CPE)range: 8.0.0 to 8.1.2 and 9.0.0 to 9.1.0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.