Improper Input Validation vulnerability in request line parsing of Apache Traffic Server allows an attacker to send invalid requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.3 and 9.0.0 to 9.1.1.
References
Link | Resource |
---|---|
https://lists.apache.org/thread/zblwzcfs9ryhwjr89wz4osw55pxm6dx6 | Mailing List Vendor Advisory |
https://www.debian.org/security/2022/dsa-5153 | Third Party Advisory |
Configurations
History
14 Oct 2022, 11:40
Type | Values Removed | Values Added |
---|---|---|
First Time |
Debian debian Linux
Debian |
|
CPE | cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* |
|
References | (DEBIAN) https://www.debian.org/security/2022/dsa-5153 - Third Party Advisory |
02 Jun 2022, 14:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
29 Mar 2022, 18:40
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) https://lists.apache.org/thread/zblwzcfs9ryhwjr89wz4osw55pxm6dx6 - Mailing List, Vendor Advisory | |
CPE | cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:* | |
CWE | CWE-20 | |
First Time |
Apache
Apache traffic Server |
|
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
23 Mar 2022, 15:27
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-03-23 14:15
Updated : 2023-12-10 14:22
NVD link : CVE-2021-44040
Mitre link : CVE-2021-44040
CVE.ORG link : CVE-2021-44040
JSON object : View
Products Affected
debian
- debian_linux
apache
- traffic_server
CWE
CWE-20
Improper Input Validation