← back
CVE-2021-44040

HTTP request line fuzzing attacks

EPSS 1.9%CWE-20
Improper Input Validation vulnerability in request line parsing of Apache Traffic Server allows an attacker to send invalid requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.3 and 9.0.0 to 9.1.1.
Affected products
Apache Software Foundation · Apache Traffic Server

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://lists.apache.org/thread/zblwzcfs9ryhwjr89wz4osw55pxm6dx6https://www.debian.org/security/2022/dsa-5153