Description

Invalid values in the Content-Length header sent to Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1.

Remediation

References

CVE-2021-32565

Related Vulnerabilities

WordPress Plugin WP Fastest Cache Directory Traversal (0.8.9.5)

Oracle JRE CVE-2022-21340 Vulnerability (CVE-2022-21340)

WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.38)

Jenkins Deserialization of Untrusted Data Vulnerability (CVE-2017-2608)

MediaWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-31554)

Severity

High

Classification

CVE-2021-32565 CWE-444 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities