← voltar
CVE-2021-37147

Request Smuggling - LF line ending

EPSS 2.4%CWE-20CWE-444
Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.1.0.
Produtos afetados
Apache Software Foundation · Apache Traffic Server

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://lists.apache.org/thread/k01797hyncx53659wr3o72s5cvkc3164https://www.debian.org/security/2022/dsa-5153