CVE-2021-41585
published 2021-11-03CVE-2021-41585: Improper Input Validation vulnerability in accepting socket connections in Apache Traffic Server allows an attacker to make the server stop accepting new…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
Improper Input Validation vulnerability in accepting socket connections in Apache Traffic Server allows an attacker to make the server stop accepting new connections. This issue affects Apache Traffic Server 5.0.0 to 9.1.0.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | traffic_server | 8.0.0 – 8.1.2 | — |
| apache | traffic_server | 9.0.0 – 9.1.0 | — |
| apache_software_foundation | apache_traffic_server | — | — |
| debian | trafficserver | — | — |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH