VYPR
Unrated severityNVD Advisory· Published Nov 3, 2021· Updated Aug 4, 2024

Request Smuggling - transfer encoding validation

CVE-2021-37148

Description

Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.0.1.

Affected products

2
  • Apache/Traffic Serverllm-fuzzy2 versions
    >=8.0.0 <=8.1.2, >=9.0.0 <=9.0.1+ 1 more
    • (no CPE)range: >=8.0.0 <=8.1.2, >=9.0.0 <=9.0.1
    • (no CPE)range: 8.0.0 to 8.1.2 and 9.0.0 to 9.0.1

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.