{"schema_version": "1.6.1", "id": "CVE-2021-27577", "summary": "Incorrect handling of url fragment leads to cache poisoning", "details": "Incorrect handling of url fragment vulnerability of Apache Traffic Server allows an attacker to poison the cache.  This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1.", "affected": [{"ranges": [{"type": "SEMVER", "events": [{"introduced": "7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1"}, {"last_affected": "7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1"}]}]}], "references": [{"type": "ADVISORY", "url": "https://lists.apache.org/thread.html/ra1a41ff92a70d25bf576d7da2590575e8ff430393a3f4a0c34de4277%40%3Cusers.trafficserver.apache.org%3E"}]}