← volver
CVE-2021-37148

Request Smuggling - transfer encoding validation

EPSS 2.5%CWE-20
Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.0.1.
Productos afectados
Apache Software Foundation · Apache Traffic Server

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://lists.apache.org/thread/k01797hyncx53659wr3o72s5cvkc3164https://www.debian.org/security/2022/dsa-5153