ghsa-p9mw-v4q4-qhvj
Vulnerability from github
Published
2022-05-24 19:19
Modified
2022-06-03 00:01
Severity
Details
Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.0.1.
{ "affected": [], "aliases": [ "CVE-2021-37148" ], "database_specific": { "cwe_ids": [ "CWE-20" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2021-11-03T16:15:00Z", "severity": "HIGH" }, "details": "Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.0.1.", "id": "GHSA-p9mw-v4q4-qhvj", "modified": "2022-06-03T00:01:36Z", "published": "2022-05-24T19:19:34Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37148" }, { "type": "WEB", "url": "https://lists.apache.org/thread/k01797hyncx53659wr3o72s5cvkc3164" }, { "type": "WEB", "url": "https://www.debian.org/security/2022/dsa-5153" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "type": "CVSS_V3" } ] }
Loading...