Lucene search

[email protected]NVD:CVE-2021-37150

HistoryAug 10, 2022 - 6:15 a.m.

CVE-2021-37150

2022-08-1006:15:08

CWE-20

[email protected]

web.nvd.nist.gov

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.004 Low

EPSS

Percentile

72.9%

JSON

Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an attacker to request secure resources. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.

Affected configurations

NVD

Node

apachetraffic_serverRange8.0.0–8.1.4

apachetraffic_serverRange9.0.0–9.1.2

Node

debiandebian_linuxMatch10.0

debiandebian_linuxMatch11.0

Node

fedoraprojectfedoraMatch35

fedoraprojectfedoraMatch36

References

lists.apache.org/thread/rc64lwbdgrkv674koc3zl1sljr9vwg21

lists.debian.org/debian-lts-announce/2023/01/msg00019.html

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CJ67IWD5PRJUOIYIDJRUG3UMS2UF4X4J/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZCSBQBYPOZSWS5LCOAQ6LJLRLXFIAW5A/

www.debian.org/security/2022/dsa-5206

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.004 Low

EPSS

Percentile

72.9%

JSON

Related for NVD:CVE-2021-37150

cve1 prion1 ubuntucve1 osv3 cnvd1 debiancve1 cvelist1 veracode1 nessus2 debian2 openvas5 fedora2