{"id":"CVE-2017-5660","details":"There is a vulnerability in Apache Traffic Server (ATS) 6.2.0 and prior and 7.0.0 and prior with the Host header and line folding. This can have issues when interacting with upstream proxies and the wrong host being used.","modified":"2026-04-10T04:01:43.108269Z","published":"2018-02-27T20:29:00.403Z","references":[{"type":"WEB","url":"https://lists.apache.org/thread.html/22d84783d94c53a5132ec89f002fe5165c87561a9428bcb6713b3c98%40%3Cdev.trafficserver.apache.org%3E"},{"type":"ADVISORY","url":"https://www.debian.org/security/2018/dsa-4128"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/apache/trafficserver","events":[{"introduced":"0"},{"last_affected":"a57be23251358e6ac97442ebde3dae8d95d94846"},{"introduced":"0"},{"last_affected":"6d6c6f2af903c3c2d1dec7db8094d00cb1813e60"},{"introduced":"0"},{"last_affected":"6d6c6f2af903c3c2d1dec7db8094d00cb1813e60"},{"introduced":"0"},{"last_affected":"0b7b630858b4983d077a63074776abdfa48778f8"},{"introduced":"0"},{"last_affected":"0b7b630858b4983d077a63074776abdfa48778f8"},{"introduced":"0"},{"last_affected":"6c1c6cf20e7d0e287d697a0f4181436013d17c30"},{"introduced":"0"},{"last_affected":"1f1d708bbf4bbcd64cb0dbd82a2bbc838c630041"},{"introduced":"0"},{"last_affected":"ab7c2cb5f85ff8bc47014a355c648e568e218179"},{"introduced":"0"},{"last_affected":"5a27a40000db0b8f8edee7e99cd65ecb710239b2"},{"introduced":"0"},{"last_affected":"b14030656330ed623cd1f9efe2f4f9abd9d16e29"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"6.2.0"},{"introduced":"0"},{"last_affected":"6.2.1"},{"introduced":"0"},{"last_affected":"6.2.1-rc0"},{"introduced":"0"},{"last_affected":"6.2.2"},{"introduced":"0"},{"last_affected":"6.2.2-rc0"},{"introduced":"0"},{"last_affected":"7.0.0"},{"introduced":"0"},{"last_affected":"7.0.0-rc0"},{"introduced":"0"},{"last_affected":"7.0.0-rc1"},{"introduced":"0"},{"last_affected":"7.0.0-rc2"},{"introduced":"0"},{"last_affected":"9.0"}]}}],"versions":["3.1.2","3.3.0","3.3.1","6.2.0","6.2.0-rc0","6.2.0-rc1","6.2.0-rc2","6.2.0-rc3","6.2.1","6.2.1-rc0","6.2.2","6.2.2-rc0","7.0.0","7.0.0-rc0","7.0.0-rc1","7.0.0-rc2","9.0.0","9.0.0-rc0","9.0.0-rc1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-5660.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N"}]}