Description

Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an attacker to request secure resources. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.

Remediation

References

CVE-2021-37150

Related Vulnerabilities

MediaWiki Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-35624)

Atlassian Jira CVE-2019-20413 Vulnerability (CVE-2019-20413)

WebLogic CVE-2021-1995 Vulnerability (CVE-2021-1995)

IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-2606)

WordPress Plugin Comment Highlighter SQL Injection (0.13)

Severity

High

Classification

CVE-2021-37150 CWE-20 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities