{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96103?format=json","vulnerability_id":"VCID-jb1b-9gr2-suez","summary":"Apache Traffic Server forwards malformed HTTP chunked trailer section to origin servers. This can be utilized for request smuggling and may also lead cache poisoning if the origin servers are vulnerable.  This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4.  Users can set a new setting (proxy.config.http.drop_chunked_trailers) not to forward chunked trailer section. Users are recommended to upgrade to version 8.1.11 or 9.2.5, which fixes the issue.","aliases":[{"alias":"CVE-2024-35161"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/941472?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4738-xk8n-hbac"},{"vulnerability":"VCID-4hs3-be7k-9qe7"},{"vulnerability":"VCID-4uhe-mtbx-nfdu"},{"vulnerability":"VCID-5e1r-3jec-tkhp"},{"vulnerability":"VCID-c62p-6ghw-j3dv"},{"vulnerability":"VCID-eay7-63um-43e9"},{"vulnerability":"VCID-kjah-am9e-xkev"},{"vulnerability":"VCID-tevw-8dcp-yfh6"},{"vulnerability":"VCID-ww3t-p3pq-gkhy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/941505?format=json","purl":"pkg:deb/debian/trafficserver@8.1.11%2Bds-0%2Bdeb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.11%252Bds-0%252Bdeb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/941504?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/941470?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/994490?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3"},{"url":"http://public2.vulnerablecode.io/api/packages/941473?format=json","purl":"pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4738-xk8n-hbac"},{"vulnerability":"VCID-4hs3-be7k-9qe7"},{"vulnerability":"VCID-4uhe-mtbx-nfdu"},{"vulnerability":"VCID-5e1r-3jec-tkhp"},{"vulnerability":"VCID-c62p-6ghw-j3dv"},{"vulnerability":"VCID-eay7-63um-43e9"},{"vulnerability":"VCID-jabw-thzt-63bb"},{"vulnerability":"VCID-kjah-am9e-xkev"},{"vulnerability":"VCID-rcdg-j23x-xfbn"},{"vulnerability":"VCID-tevw-8dcp-yfh6"},{"vulnerability":"VCID-ww3t-p3pq-gkhy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037080?format=json","purl":"pkg:deb/debian/trafficserver@3.0.5-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41x7-hv4u-byb9"},{"vulnerability":"VCID-4js5-31yx-gkf1"},{"vulnerability":"VCID-4men-293s-3bhn"},{"vulnerability":"VCID-4wwn-74ac-p7dp"},{"vulnerability":"VCID-568b-s8ks-vfa6"},{"vulnerability":"VCID-5781-s1ny-q7ey"},{"vulnerability":"VCID-6bwv-cd3d-mudb"},{"vulnerability":"VCID-73aa-rk27-tye1"},{"vulnerability":"VCID-7nhc-5p2x-t3cj"},{"vulnerability":"VCID-8aev-nmwa-fkcg"},{"vulnerability":"VCID-931v-ukcc-6qaa"},{"vulnerability":"VCID-9pd6-v7d1-9qem"},{"vulnerability":"VCID-9rs4-uvph-3yh7"},{"vulnerability":"VCID-aqt5-2ffy-9bgs"},{"vulnerability":"VCID-au6q-ek7r-8bgr"},{"vulnerability":"VCID-b7zx-ywwc-57d9"},{"vulnerability":"VCID-bb5y-kjej-bbfm"},{"vulnerability":"VCID-bdgg-edbf-xfav"},{"vulnerability":"VCID-btm9-vxvc-3qhv"},{"vulnerability":"VCID-c5hc-3jtx-k3a6"},{"vulnerability":"VCID-c675-5njd-63hk"},{"vulnerability":"VCID-cbe5-hhz8-bqbn"},{"vulnerability":"VCID-cscf-sb71-jybq"},{"vulnerability":"VCID-esap-nkps-cfg9"},{"vulnerability":"VCID-fmwc-nmhh-ryaf"},{"vulnerability":"VCID-fq5y-b9yq-nbee"},{"vulnerability":"VCID-hbte-dsw2-y7ad"},{"vulnerability":"VCID-j6r7-ypa1-zybv"},{"vulnerability":"VCID-jabw-thzt-63bb"},{"vulnerability":"VCID-jb1b-9gr2-suez"},{"vulnerability":"VCID-jdjf-3w9k-xbaw"},{"vulnerability":"VCID-k2ks-3t6e-uqgu"},{"vulnerability":"VCID-khz4-1uav-cqgg"},{"vulnerability":"VCID-m8p8-5n65-qyhy"},{"vulnerability":"VCID-msu4-5h99-2yaq"},{"vulnerability":"VCID-n66u-b73u-zucb"},{"vulnerability":"VCID-nbwy-fdv2-uydt"},{"vulnerability":"VCID-p5f7-uu6r-8bez"},{"vulnerability":"VCID-pxaf-6qxa-77h9"},{"vulnerability":"VCID-qwmj-ez4q-7qex"},{"vulnerability":"VCID-r86j-zujn-f7ez"},{"vulnerability":"VCID-rcdg-j23x-xfbn"},{"vulnerability":"VCID-rw58-bnwt-2bam"},{"vulnerability":"VCID-scpg-5hcj-5yd3"},{"vulnerability":"VCID-skrs-cynm-r7du"},{"vulnerability":"VCID-t559-a5u6-4ke1"},{"vulnerability":"VCID-u4tn-85je-n7gt"},{"vulnerability":"VCID-u5qg-vszr-9ye2"},{"vulnerability":"VCID-ue7s-pn8b-vydz"},{"vulnerability":"VCID-uhqf-tsxe-ayc2"},{"vulnerability":"VCID-uhxq-9bzs-u3fd"},{"vulnerability":"VCID-uvhz-uspt-7ygz"},{"vulnerability":"VCID-uy1m-av2n-jybt"},{"vulnerability":"VCID-va7d-ktp2-m7et"},{"vulnerability":"VCID-w42s-4aps-y3c5"},{"vulnerability":"VCID-waer-as81-8fed"},{"vulnerability":"VCID-xh97-4sn5-vyfw"},{"vulnerability":"VCID-xwdc-hndy-yubc"},{"vulnerability":"VCID-xwru-y5m9-gucd"},{"vulnerability":"VCID-zmh1-wmct-uyf7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@3.0.5-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1037081?format=json","purl":"pkg:deb/debian/trafficserver@6.2.0-1~bpo8%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41x7-hv4u-byb9"},{"vulnerability":"VCID-4men-293s-3bhn"},{"vulnerability":"VCID-4wwn-74ac-p7dp"},{"vulnerability":"VCID-568b-s8ks-vfa6"},{"vulnerability":"VCID-5781-s1ny-q7ey"},{"vulnerability":"VCID-6bwv-cd3d-mudb"},{"vulnerability":"VCID-73aa-rk27-tye1"},{"vulnerability":"VCID-7nhc-5p2x-t3cj"},{"vulnerability":"VCID-8aev-nmwa-fkcg"},{"vulnerability":"VCID-931v-ukcc-6qaa"},{"vulnerability":"VCID-aqt5-2ffy-9bgs"},{"vulnerability":"VCID-au6q-ek7r-8bgr"},{"vulnerability":"VCID-b7zx-ywwc-57d9"},{"vulnerability":"VCID-bb5y-kjej-bbfm"},{"vulnerability":"VCID-bdgg-edbf-xfav"},{"vulnerability":"VCID-btm9-vxvc-3qhv"},{"vulnerability":"VCID-c5hc-3jtx-k3a6"},{"vulnerability":"VCID-c675-5njd-63hk"},{"vulnerability":"VCID-cbe5-hhz8-bqbn"},{"vulnerability":"VCID-cscf-sb71-jybq"},{"vulnerability":"VCID-esap-nkps-cfg9"},{"vulnerability":"VCID-fmwc-nmhh-ryaf"},{"vulnerability":"VCID-fq5y-b9yq-nbee"},{"vulnerability":"VCID-hbte-dsw2-y7ad"},{"vulnerability":"VCID-j6r7-ypa1-zybv"},{"vulnerability":"VCID-jabw-thzt-63bb"},{"vulnerability":"VCID-jb1b-9gr2-suez"},{"vulnerability":"VCID-jdjf-3w9k-xbaw"},{"vulnerability":"VCID-k2ks-3t6e-uqgu"},{"vulnerability":"VCID-m8p8-5n65-qyhy"},{"vulnerability":"VCID-msu4-5h99-2yaq"},{"vulnerability":"VCID-n66u-b73u-zucb"},{"vulnerability":"VCID-nbwy-fdv2-uydt"},{"vulnerability":"VCID-p5f7-uu6r-8bez"},{"vulnerability":"VCID-pxaf-6qxa-77h9"},{"vulnerability":"VCID-qwmj-ez4q-7qex"},{"vulnerability":"VCID-r86j-zujn-f7ez"},{"vulnerability":"VCID-rcdg-j23x-xfbn"},{"vulnerability":"VCID-rw58-bnwt-2bam"},{"vulnerability":"VCID-scpg-5hcj-5yd3"},{"vulnerability":"VCID-skrs-cynm-r7du"},{"vulnerability":"VCID-t559-a5u6-4ke1"},{"vulnerability":"VCID-u5qg-vszr-9ye2"},{"vulnerability":"VCID-ue7s-pn8b-vydz"},{"vulnerability":"VCID-uhqf-tsxe-ayc2"},{"vulnerability":"VCID-uhxq-9bzs-u3fd"},{"vulnerability":"VCID-uy1m-av2n-jybt"},{"vulnerability":"VCID-va7d-ktp2-m7et"},{"vulnerability":"VCID-w42s-4aps-y3c5"},{"vulnerability":"VCID-waer-as81-8fed"},{"vulnerability":"VCID-xh97-4sn5-vyfw"},{"vulnerability":"VCID-xwdc-hndy-yubc"},{"vulnerability":"VCID-xwru-y5m9-gucd"},{"vulnerability":"VCID-zmh1-wmct-uyf7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@6.2.0-1~bpo8%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1037082?format=json","purl":"pkg:deb/debian/trafficserver@7.0.0-4~bpo8%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41x7-hv4u-byb9"},{"vulnerability":"VCID-4men-293s-3bhn"},{"vulnerability":"VCID-4wwn-74ac-p7dp"},{"vulnerability":"VCID-568b-s8ks-vfa6"},{"vulnerability":"VCID-5781-s1ny-q7ey"},{"vulnerability":"VCID-6bwv-cd3d-mudb"},{"vulnerability":"VCID-73aa-rk27-tye1"},{"vulnerability":"VCID-7nhc-5p2x-t3cj"},{"vulnerability":"VCID-931v-ukcc-6qaa"},{"vulnerability":"VCID-aqt5-2ffy-9bgs"},{"vulnerability":"VCID-au6q-ek7r-8bgr"},{"vulnerability":"VCID-b7zx-ywwc-57d9"},{"vulnerability":"VCID-bb5y-kjej-bbfm"},{"vulnerability":"VCID-bdgg-edbf-xfav"},{"vulnerability":"VCID-btm9-vxvc-3qhv"},{"vulnerability":"VCID-c5hc-3jtx-k3a6"},{"vulnerability":"VCID-c675-5njd-63hk"},{"vulnerability":"VCID-cbe5-hhz8-bqbn"},{"vulnerability":"VCID-cscf-sb71-jybq"},{"vulnerability":"VCID-esap-nkps-cfg9"},{"vulnerability":"VCID-fmwc-nmhh-ryaf"},{"vulnerability":"VCID-fq5y-b9yq-nbee"},{"vulnerability":"VCID-hbte-dsw2-y7ad"},{"vulnerability":"VCID-j6r7-ypa1-zybv"},{"vulnerability":"VCID-jabw-thzt-63bb"},{"vulnerability":"VCID-jb1b-9gr2-suez"},{"vulnerability":"VCID-jdjf-3w9k-xbaw"},{"vulnerability":"VCID-k2ks-3t6e-uqgu"},{"vulnerability":"VCID-msu4-5h99-2yaq"},{"vulnerability":"VCID-n66u-b73u-zucb"},{"vulnerability":"VCID-nbwy-fdv2-uydt"},{"vulnerability":"VCID-p5f7-uu6r-8bez"},{"vulnerability":"VCID-pxaf-6qxa-77h9"},{"vulnerability":"VCID-qwmj-ez4q-7qex"},{"vulnerability":"VCID-r86j-zujn-f7ez"},{"vulnerability":"VCID-rcdg-j23x-xfbn"},{"vulnerability":"VCID-rw58-bnwt-2bam"},{"vulnerability":"VCID-skrs-cynm-r7du"},{"vulnerability":"VCID-t559-a5u6-4ke1"},{"vulnerability":"VCID-u5qg-vszr-9ye2"},{"vulnerability":"VCID-ue7s-pn8b-vydz"},{"vulnerability":"VCID-uhqf-tsxe-ayc2"},{"vulnerability":"VCID-uhxq-9bzs-u3fd"},{"vulnerability":"VCID-uy1m-av2n-jybt"},{"vulnerability":"VCID-va7d-ktp2-m7et"},{"vulnerability":"VCID-w42s-4aps-y3c5"},{"vulnerability":"VCID-waer-as81-8fed"},{"vulnerability":"VCID-xh97-4sn5-vyfw"},{"vulnerability":"VCID-xwdc-hndy-yubc"},{"vulnerability":"VCID-xwru-y5m9-gucd"},{"vulnerability":"VCID-zmh1-wmct-uyf7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@7.0.0-4~bpo8%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1037083?format=json","purl":"pkg:deb/debian/trafficserver@8.0.2%2Bds-1%2Bdeb10u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-41x7-hv4u-byb9"},{"vulnerability":"VCID-4men-293s-3bhn"},{"vulnerability":"VCID-4wwn-74ac-p7dp"},{"vulnerability":"VCID-568b-s8ks-vfa6"},{"vulnerability":"VCID-5781-s1ny-q7ey"},{"vulnerability":"VCID-6bwv-cd3d-mudb"},{"vulnerability":"VCID-73aa-rk27-tye1"},{"vulnerability":"VCID-7nhc-5p2x-t3cj"},{"vulnerability":"VCID-931v-ukcc-6qaa"},{"vulnerability":"VCID-aqt5-2ffy-9bgs"},{"vulnerability":"VCID-b7zx-ywwc-57d9"},{"vulnerability":"VCID-bb5y-kjej-bbfm"},{"vulnerability":"VCID-bdgg-edbf-xfav"},{"vulnerability":"VCID-btm9-vxvc-3qhv"},{"vulnerability":"VCID-c5hc-3jtx-k3a6"},{"vulnerability":"VCID-c675-5njd-63hk"},{"vulnerability":"VCID-cbe5-hhz8-bqbn"},{"vulnerability":"VCID-cscf-sb71-jybq"},{"vulnerability":"VCID-esap-nkps-cfg9"},{"vulnerability":"VCID-fmwc-nmhh-ryaf"},{"vulnerability":"VCID-fq5y-b9yq-nbee"},{"vulnerability":"VCID-hbte-dsw2-y7ad"},{"vulnerability":"VCID-j6r7-ypa1-zybv"},{"vulnerability":"VCID-jabw-thzt-63bb"},{"vulnerability":"VCID-jb1b-9gr2-suez"},{"vulnerability":"VCID-jdjf-3w9k-xbaw"},{"vulnerability":"VCID-k2ks-3t6e-uqgu"},{"vulnerability":"VCID-n66u-b73u-zucb"},{"vulnerability":"VCID-p5f7-uu6r-8bez"},{"vulnerability":"VCID-pxaf-6qxa-77h9"},{"vulnerability":"VCID-rcdg-j23x-xfbn"},{"vulnerability":"VCID-rw58-bnwt-2bam"},{"vulnerability":"VCID-skrs-cynm-r7du"},{"vulnerability":"VCID-t559-a5u6-4ke1"},{"vulnerability":"VCID-u5qg-vszr-9ye2"},{"vulnerability":"VCID-uhqf-tsxe-ayc2"},{"vulnerability":"VCID-uhxq-9bzs-u3fd"},{"vulnerability":"VCID-uy1m-av2n-jybt"},{"vulnerability":"VCID-w42s-4aps-y3c5"},{"vulnerability":"VCID-waer-as81-8fed"},{"vulnerability":"VCID-xh97-4sn5-vyfw"},{"vulnerability":"VCID-xwdc-hndy-yubc"},{"vulnerability":"VCID-xwru-y5m9-gucd"},{"vulnerability":"VCID-zmh1-wmct-uyf7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.0.2%252Bds-1%252Bdeb10u6"},{"url":"http://public2.vulnerablecode.io/api/packages/994489?format=json","purl":"pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4738-xk8n-hbac"},{"vulnerability":"VCID-4hs3-be7k-9qe7"},{"vulnerability":"VCID-4uhe-mtbx-nfdu"},{"vulnerability":"VCID-5e1r-3jec-tkhp"},{"vulnerability":"VCID-c62p-6ghw-j3dv"},{"vulnerability":"VCID-eay7-63um-43e9"},{"vulnerability":"VCID-esap-nkps-cfg9"},{"vulnerability":"VCID-jabw-thzt-63bb"},{"vulnerability":"VCID-jb1b-9gr2-suez"},{"vulnerability":"VCID-kjah-am9e-xkev"},{"vulnerability":"VCID-rcdg-j23x-xfbn"},{"vulnerability":"VCID-rw58-bnwt-2bam"},{"vulnerability":"VCID-tevw-8dcp-yfh6"},{"vulnerability":"VCID-ww3t-p3pq-gkhy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1"}],"references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-35161","reference_id":"","reference_type":"","scores":[{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44089","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56592","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56654","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56633","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56684","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56689","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56697","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56672","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56651","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56682","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56681","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56653","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.5659","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56608","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56546","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56591","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00453","scoring_system":"epss","scoring_elements":"0.6393","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00453","scoring_system":"epss","scoring_elements":"0.6387","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00453","scoring_system":"epss","scoring_elements":"0.63922","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00453","scoring_system":"epss","scoring_elements":"0.63876","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00453","scoring_system":"epss","scoring_elements":"0.63844","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-35161"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35161","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35161"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077141","reference_id":"1077141","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077141"},{"reference_url":"https://lists.apache.org/thread/c4mcmpblgl8kkmyt56t23543gp8v56m0","reference_id":"c4mcmpblgl8kkmyt56t23543gp8v56m0","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-31T17:38:35Z/"}],"url":"https://lists.apache.org/thread/c4mcmpblgl8kkmyt56t23543gp8v56m0"}],"weaknesses":[{"cwe_id":444,"name":"Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')","description":"The product acts as an intermediary HTTP agent (such as a proxy or firewall) in the data flow between two entities such as a client and server, but it does not interpret malformed HTTP requests or responses in ways that are consistent with how the messages will be processed by those entities that are at the ultimate destination."}],"exploits":[],"severity_range_score":"9.1 - 9.1","exploitability":"0.5","weighted_severity":"8.2","risk_score":4.1,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jb1b-9gr2-suez"}