{"schema_version": "1.6.1", "id": "CVE-2021-37150", "summary": "Protocol vs scheme mismatch", "details": "Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an attacker to request secure resources.  This issue affects Apache Traffic Server 8.0.0 to 9.1.2.", "affected": [{"ranges": [{"type": "SEMVER", "events": [{"introduced": "8.0.0 to 9.1.2"}, {"last_affected": "8.0.0 to 9.1.2"}]}]}], "references": [{"type": "ADVISORY", "url": "https://lists.apache.org/thread/rc64lwbdgrkv674koc3zl1sljr9vwg21"}]}