Description

Incorrect handling of url fragment vulnerability of Apache Traffic Server allows an attacker to poison the cache. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1.

Remediation

References

CVE-2021-27577

Related Vulnerabilities

Joomla URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-23798)

TYPO3 Cleartext Transmission of Sensitive Information Vulnerability (CVE-2022-31046)

WebLogic Observable Discrepancy Vulnerability (CVE-2019-3739)

WordPress Plugin WordPress Appointment Booking and Online Scheduling by Appointy Cross-Site Scripting (2.40)

Envoy Proxy Missing Authentication for Critical Function Vulnerability (CVE-2022-29226)

Severity

High

Classification

CVE-2021-27577 CWE-444 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities