CVE-2021-44040

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-44040

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-44040.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-44040

Downstream

DEBIAN-CVE-2021-44040

DSA-5153-1

OESA-2022-1692

UBUNTU-CVE-2021-44040

Published

2022-03-23T14:15:07Z

Modified

2025-10-15T13:27:29.058961Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

Improper Input Validation vulnerability in request line parsing of Apache Traffic Server allows an attacker to send invalid requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.3 and 9.0.0 to 9.1.1.

References

Affected packages

Git / github.com/apache/trafficserver

Affected ranges

Type: GIT
Repo: https://github.com/apache/trafficserver
Events: Introduced

b14030656330ed623cd1f9efe2f4f9abd9d16e29

Last affected

442195ec092dd3d1709058208a34b2bdfe536827

Introduced

b310e3566f58dd04ec2b15b111ec86ea70e20019

Last affected

bbbf80d75105313b51153c7fde0bf0edc8cf7783

Affected versions

8.*

8.0.0

8.0.0-rc4

8.0.1

8.0.1-rc0

8.0.2

8.0.2-rc0

8.0.3

8.0.3-rc0

8.0.4

8.0.4-rc0

8.0.5

8.0.6

8.0.6-rc0

8.0.6-rc1

8.1.0

8.1.0-rc0

8.1.1

8.1.1-rc0

8.1.2-rc0

8.1.3

8.1.3-rc0

8.1.3-rc1