Description

Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.1.0.

Remediation

References

CVE-2021-37147

Related Vulnerabilities

WordPress Plugin WooCommerce Cross-Site Scripting (8.9.2)

WordPress Plugin WP-Print Cross-Site Request Forgery (2.51)

Django Improper Output Neutralization for Logs Vulnerability (CVE-2025-48432)

Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-43823)

WordPress Plugin OpenStreetMap for Gutenberg and WPBakery Page Builder (formerly Visual Composer) Cross-Site Scripting (1.1.1)

Severity

High

Classification

CVE-2021-37147 CWE-20 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities