Lucene search
+L

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:45 p.m.7 views

CVE-2021-32565

Invalid values in the Content-Length header sent to Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1...

7.5CVSS6.6AI score0.02137EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2021/08/14 12:0 a.m.66 views

Debian DSA-4957-1 : trafficserver - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-4957 advisory. - Incorrect handling of url fragment vulnerability of Apache Traffic Server allows an attacker to poison the cache. This issue affects Apache Traffic Server 7.0.0...

9.8CVSS7.5AI score0.03543EPSS
Exploits0References13
OpenVAS
OpenVAS
added 2021/06/30 12:0 a.m.18 views

Apache Traffic Server (ATS) 7.0.0 < 8.1.2, 9.0.0 < 9.0.2 Multiple Vulnerabilities

Apache Traffic Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:trafficserver"...

9.8CVSS7.7AI score0.03543EPSS
Exploits0References1
OSV
OSV
added 2021/06/29 12:15 p.m.23 views

CVE-2021-32565

Invalid values in the Content-Length header sent to Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1...

7.5CVSS7AI score
Exploits0References2
UbuntuCve
UbuntuCve
added 2021/06/29 12:15 p.m.29 views

CVE-2021-32565

Invalid values in the Content-Length header sent to Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1...

7.5CVSS7.1AI score0.02137EPSS
Exploits0References5
Cvelist
Cvelist
added 2021/06/29 11:45 a.m.23 views

CVE-2021-32565 HTTP Request Smuggling, content length with invalid charters

Invalid values in the Content-Length header sent to Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1...

8.7AI score0.02137EPSS
Exploits0References2
CVE
CVE
added 2021/06/29 11:45 a.m.92 views

CVE-2021-32565

Apache Traffic Server is affected by CVE-2021-32565 due to invalid values in the Content-Length header, enabling HTTP request smuggling. Affected releases: 7.0.0–7.1.12, 8.0.0–8.1.1, and 9.0.0–9.0.1. The issue’s root cause is improper handling of Content-Length values. Debian/DSA-4957-1 notes a f...

7.5CVSS7.5AI score0.02137EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder