Apache Traffic Server Content-Length Header Smuggling Vulnerability

Apache Traffic Server Content-Length Header Smuggling Vulnerability

CVE-2021-32565 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Invalid values in the Content-Length header sent to Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1.

Learn more about our Cis Benchmark Audit For Apache Http Server.