Description

Invalid values in the Content-Length header sent to Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1.

Remediation

References

CVE-2021-32565

Related Vulnerabilities

WordPress Plugin Alpine PhotoTile for Instagram Cross-Site Scripting (1.2.7.5)

WordPress Plugin Wordfence Security-Firewall & Malware Scan Multiple Vulnerabilities (7.1.12)

Jenkins Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-2101)

WordPress Plugin Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions Open Redirect (2.0.5)

Joomla! Core 1.6.x Cross-Site Scripting (1.6.0 - 1.6.3)

Severity

High

Classification

CVE-2021-32565 CWE-444 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities