CVE-2021-37150
Protocol vs scheme mismatch
Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an attacker to request secure resources. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
Produtos afetados
Apache Software Foundation · Apache Traffic ServerQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://lists.apache.org/thread/rc64lwbdgrkv674koc3zl1sljr9vwg21https://lists.debian.org/debian-lts-announce/2023/01/msg00019.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CJ67IWD5PRJUOIYIDJRUG3UMS2UF4X4J/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZCSBQBYPOZSWS5LCOAQ6LJLRLXFIAW5A/https://www.debian.org/security/2022/dsa-5206