Description

Invalid values in the Content-Length header sent to Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1.

Remediation

References

CVE-2021-32565

Related Vulnerabilities

Moodle Improper Input Validation Vulnerability (CVE-2011-4302)

phpMyAdmin Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4729)

WordPress Plugin Wow Forms-create any form with custom style SQL Injection (3.1.3)

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3370)

Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-13068)

Severity

High

Classification

CVE-2021-32565 CWE-444 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities