Description

Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an attacker to request secure resources. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.

Remediation

References

CVE-2021-37150

Related Vulnerabilities

WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2019-20330)

WordPress Plugin Product Catalog X Cross-Site Request Forgery (1.5.12)

WordPress Plugin Sell Downloads Arbitrary File Disclosure (1.0.17)

WordPress Plugin AMP for WP-Accelerated Mobile Pages Multiple Unspecified Vulnerabilities (0.9.72)

Ruby Out-of-bounds Write Vulnerability (CVE-2016-2338)

Severity

High

Classification

CVE-2021-37150 CWE-20 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Missing Update Known Vulnerabilities