Description

Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.1.0.

Remediation

References

CVE-2021-37149

Related Vulnerabilities

PHP Integer Overflow or Wraparound Vulnerability (CVE-2016-6289)

WordPress Plugin Email Encoder-Protect Email Addresses Cross-Site Scripting (1.4.1)

WordPress Ultimate Member Plugin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-24306)

Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-20405)

WordPress Plugin Qyrr-simply and modern QR-Code creation Cross-Site Scripting (0.6)

Severity

High

Classification

CVE-2021-37149 CWE-20 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities