Lucene search
Veracode Vulnerability DatabaseVERACODE:36773HistoryAug 20, 2022 - 2:15 p.m.
Information Disclosure
2022-08-2014:15:34
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
information disclosure
improper input validation
secure resources
http requests
0.004 Low
EPSS
Percentile
72.9%
trafficserver is vulnerable to information disclosure. The vulnerability exists due to the improper input validation in the header parser, allowing an attacker to request secure resources through the malicious HTTP requests.
References
lists.apache.org/thread/rc64lwbdgrkv674koc3zl1sljr9vwg21
lists.debian.org/debian-lts-announce/2023/01/msg00019.html
lists.fedoraproject.org/archives/list/[email protected]/message/CJ67IWD5PRJUOIYIDJRUG3UMS2UF4X4J/
lists.fedoraproject.org/archives/list/[email protected]/message/ZCSBQBYPOZSWS5LCOAQ6LJLRLXFIAW5A/
security-tracker.debian.org/tracker/CVE-2021-37150
www.debian.org/security/2022/dsa-5206
Related
nvd
nvd
CVE-2021-37150
2022-08-10 06:15:08
cve
cve
CVE-2021-37150
2022-08-10 06:15:08
prion
prion
Input validation
2022-08-10 06:15:00
ubuntucve
ubuntucve
CVE-2021-37150
2022-08-10 00:00:00
osv
osv
CVE-2021-37150
2022-08-10 06:15:08
trafficserver - security update
2023-01-23 00:00:00
trafficserver - security update
2022-08-12 00:00:00
cnvd
cnvd
Apache Traffic Server Input Validation Error Vulnerability (CNVD-2023-03924)
2022-08-15 00:00:00
debiancve
debiancve
CVE-2021-37150
2022-08-10 06:15:08
cvelist
cvelist
CVE-2021-37150 Protocol vs scheme mismatch
2022-08-10 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-3279-1)
2023-01-24 00:00:00
Fedora: Security Advisory for trafficserver (FEDORA-2022-23043f5a0b)
2022-08-24 00:00:00
nessus
nessus
Debian DLA-3279-1 : trafficserver - LTS security update
2023-01-23 00:00:00
Debian DSA-5206-1 : trafficserver - security update
2022-08-13 00:00:00
debian
debian
[SECURITY] [DLA 3279-1] trafficserver security update
2023-01-23 11:09:56
[SECURITY] [DSA 5206-1] trafficserver security update
2022-08-12 15:05:18
fedora
fedora
[SECURITY] Fedora 35 Update: trafficserver-9.1.3-1.fc35
2022-08-20 01:30:52
[SECURITY] Fedora 36 Update: trafficserver-9.1.3-1.fc36
2022-08-20 01:47:08