Unrated severityNVD Advisory· Published Nov 3, 2021· Updated Aug 4, 2024
Request Smuggling - transfer encoding validation
CVE-2021-37148
Description
Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.0.1.
Affected products
2>=8.0.0 <=8.1.2, >=9.0.0 <=9.0.1+ 1 more
- (no CPE)range: >=8.0.0 <=8.1.2, >=9.0.0 <=9.0.1
- (no CPE)range: 8.0.0 to 8.1.2 and 9.0.0 to 9.0.1
Patches
Vulnerability mechanics
References
2- www.debian.org/security/2022/dsa-5153mitrevendor-advisoryx_refsource_DEBIAN
- lists.apache.org/thread/k01797hyncx53659wr3o72s5cvkc3164mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.