Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-37147)

Description

Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.1.0.

Remediation

References

CVE-2021-37147

Related Vulnerabilities

WordPress Plugin Gallery by BestWebSoft Cross-Site Scripting (4.2.1)

WordPress Plugin Vertical News Scroller Unspecified Vulnerability (1.19)

WordPress Plugin ThemeGrill Demo Importer Security Bypass (1.6.1)

PrestaShop Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-15080)

Drupal Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2020-36193)

Severity

High

Classification

CVE-2021-37147 CWE-20 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N