CVE-2021-27577
- Source
- https://cve.org/CVERecord?id=CVE-2021-27577
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-27577.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2021-27577
- Downstream
- Published
- 2021-06-29T12:15:08.437Z
- Modified
- 2026-03-20T11:39:59.765139Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Incorrect handling of url fragment vulnerability of Apache Traffic Server allows an attacker to poison the cache. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1.
- References
Affected packages
Git / github.com/apache/trafficserver
Affected ranges
- Type
- GIT
- Repo
- https://github.com/apache/trafficserver
- Events
-
IntroducedLast affectedIntroducedLast affectedIntroducedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affected
- Database specific
{ "versions": [ { "introduced": "7.0.0" }, { "last_affected": "7.1.12" }, { "introduced": "8.0.0" }, { "last_affected": "8.1.1" }, { "introduced": "9.0.0" }, { "last_affected": "9.0.1" }, { "introduced": "0" }, { "last_affected": "8.0" } ] }