Vulnerabilities > Apache > Traffic Server
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-03 | CVE-2021-37148 | Improper Input Validation vulnerability in multiple products Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. | 7.5 |
| 2021-11-03 | CVE-2021-37149 | Improper Input Validation vulnerability in multiple products Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. | 7.5 |
| 2021-11-03 | CVE-2021-38161 | Improper Authentication vulnerability in multiple products Improper Authentication vulnerability in TLS origin verification of Apache Traffic Server allows for man in the middle attacks. | 8.1 |
| 2021-11-03 | CVE-2021-41585 | Improper Input Validation vulnerability in Apache Traffic Server Improper Input Validation vulnerability in accepting socket connections in Apache Traffic Server allows an attacker to make the server stop accepting new connections. | 5.0 |
| 2021-11-03 | CVE-2021-43082 | Classic Buffer Overflow vulnerability in Apache Traffic Server Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in the stats-over-http plugin of Apache Traffic Server allows an attacker to overwrite memory. | 7.5 |
| 2021-06-30 | CVE-2021-32566 | Improper Input Validation vulnerability in multiple products Improper Input Validation vulnerability in HTTP/2 of Apache Traffic Server allows an attacker to DOS the server. | 5.0 |
| 2021-06-30 | CVE-2021-32567 | Improper Input Validation vulnerability in multiple products Improper Input Validation vulnerability in HTTP/2 of Apache Traffic Server allows an attacker to DOS the server. | 5.0 |
| 2021-06-30 | CVE-2021-35474 | Out-of-bounds Write vulnerability in multiple products Stack-based Buffer Overflow vulnerability in cachekey plugin of Apache Traffic Server. | 7.5 |
| 2021-06-29 | CVE-2021-27577 | HTTP Request Smuggling vulnerability in multiple products Incorrect handling of url fragment vulnerability of Apache Traffic Server allows an attacker to poison the cache. | 5.0 |
| 2021-06-29 | CVE-2021-32565 | HTTP Request Smuggling vulnerability in multiple products Invalid values in the Content-Length header sent to Apache Traffic Server allows an attacker to smuggle requests. | 5.0 |