CVE-2021-44040
published 2022-03-23CVE-2021-44040: Improper Input Validation vulnerability in request line parsing of Apache Traffic Server allows an attacker to send invalid requests. This issue affects Apache…
high7.5CVSS 3.1
AVNACLPRNUINSUCNIHAN
Improper Input Validation vulnerability in request line parsing of Apache Traffic Server allows an attacker to send invalid requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.3 and 9.0.0 to 9.1.1.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | traffic_server | 8.0.0 – 8.1.3 | — |
| apache | traffic_server | 9.0.0 – 9.1.1 | — |
| apache_software_foundation | apache_traffic_server | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | trafficserver | < trafficserver 9.1.2+ds-1 (bookworm) | trafficserver 9.1.2+ds-1 (bookworm) |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
osv7.5HIGH