Lucene search
ApacheCVELIST:CVE-2021-37147HistoryNov 03, 2021 - 3:20 p.m.
CVE-2021-37147 Request Smuggling - LF line ending
2021-11-0315:20:19
CWE-444
CWE-20
apache
www.cve.org
7
cve-2021-37147
request smuggling
lf line ending
apache traffic server 8.0
apache traffic server 8.1.2
apache traffic server 9.0.0
apache traffic server 9.1.0
header parsing
Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.1.0.
CNA Affected
[
{
"product": "Apache Traffic Server",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "8.0.0 to 8.1.2 and 9.0.0 to 9.1.0"
}
]
}
]Related
veracode
veracode
Cross-site Request Forgery (CSRF)
2021-11-11 05:53:34
ubuntucve
ubuntucve
CVE-2021-37147
2021-11-03 00:00:00
cve
cve
CVE-2021-37147
2021-11-03 16:15:07
prion
prion
Input validation
2021-11-03 16:15:00
debiancve
debiancve
CVE-2021-37147
2021-11-03 16:15:07
nvd
nvd
CVE-2021-37147
2021-11-03 16:15:07
cnvd
cnvd
Apache Traffic Server Improper Input Validation Vulnerability
2021-11-04 00:00:00
osv
osv
CVE-2021-37147
2021-11-03 16:15:07
trafficserver - security update
2022-05-30 00:00:00
openvas
openvas
Apache Traffic Server (ATS) 8.0.0 < 8.1.3, 9.0.0 < 9.1.1 Multiple Vulnerabilities
2021-11-05 00:00:00
Debian: Security Advisory (DSA-5153-1)
2022-06-01 00:00:00
nessus
nessus
Apache Traffic Server 8.x < 8.1.3 / 9.x < 9.1.1 Multiple Vulnerabilities
2023-11-07 00:00:00
Debian DSA-5153-1 : trafficserver - security update
2022-05-31 00:00:00
debian
debian
[SECURITY] [DSA 5153-1] trafficserver security update
2022-05-30 18:01:41