Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2021-32565)

Description

Invalid values in the Content-Length header sent to Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1.

Remediation

References

CVE-2021-32565

Related Vulnerabilities

WordPress Plugin WordPress Photo Gallery by Gallery Bank Unspecified Vulnerability (3.1.26)

MySQL CVE-2017-3251 Vulnerability (CVE-2017-3251)

Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-3325)

WordPress Plugin Search Unleashed 'Log' Function HTML Injection (0.2.10)

WordPress Plugin WordPress Popups for Marketing and Email Newsletters, Lead Generation and Conversions by OptinMonster Cross-Site Scripting (2.6.0)

Severity

High

Classification

CVE-2021-32565 CWE-444 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N