Description

Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an attacker to request secure resources. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.

Remediation

References

CVE-2021-37150

Related Vulnerabilities

Nginx Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2016-1247)

PHP Improper Input Validation Vulnerability (CVE-2016-4071)

Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-14998)

PrestaShop Improper Privilege Management Vulnerability (CVE-2023-43663)

PHP CVE-2009-3559 Vulnerability (CVE-2009-3559)

Severity

High

Classification

CVE-2021-37150 CWE-20 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities