Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Traffic_server
(Apache)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 67 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-12-19 | CVE-2022-37392 | Improper Check for Unusual or Exceptional Conditions vulnerability in handling the requests to Apache Traffic Server. This issue affects Apache Traffic Server 8.0.0 to 9.1.2. | Traffic_server | 5.3 | ||
| 2023-10-17 | CVE-2023-39456 | Improper Input Validation vulnerability in Apache Traffic Server with malformed HTTP/2 frames.This issue affects Apache Traffic Server: from 9.0.0 through 9.2.2. Users are recommended to upgrade to version 9.2.3, which fixes the issue. | Traffic_server, Fedora | 7.5 | ||
| 2023-10-17 | CVE-2023-41752 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Traffic Server.This issue affects Apache Traffic Server: from 8.0.0 through 8.1.8, from 9.0.0 through 9.2.2. Users are recommended to upgrade to version 8.1.9 or 9.2.3, which fixes the issue. | Traffic_server, Fedora | 7.5 | ||
| 2022-12-19 | CVE-2022-40743 | Improper Input Validation vulnerability for the xdebug plugin in Apache Software Foundation Apache Traffic Server can lead to cross site scripting and cache poisoning attacks.This issue affects Apache Traffic Server: 9.0.0 to 9.1.3. Users should upgrade to 9.1.4 or later versions. | Traffic_server | 6.1 | ||
| 2022-08-10 | CVE-2022-25763 | Improper Input Validation vulnerability in HTTP/2 request validation of Apache Traffic Server allows an attacker to create smuggle or cache poison attacks. This issue affects Apache Traffic Server 8.0.0 to 9.1.2. | Traffic_server, Debian_linux, Fedora | 7.5 | ||
| 2022-08-10 | CVE-2022-31778 | Improper Input Validation vulnerability in handling the Transfer-Encoding header of Apache Traffic Server allows an attacker to poison the cache. This issue affects Apache Traffic Server 8.0.0 to 9.0.2. | Traffic_server, Debian_linux | 7.5 | ||
| 2022-08-10 | CVE-2022-31779 | Improper Input Validation vulnerability in HTTP/2 header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2. | Traffic_server, Debian_linux, Fedora | 7.5 | ||
| 2021-11-03 | CVE-2021-38161 | Improper Authentication vulnerability in TLS origin verification of Apache Traffic Server allows for man in the middle attacks. This issue affects Apache Traffic Server 8.0.0 to 8.0.8. | Traffic_server, Debian_linux | 8.1 | ||
| 2021-11-03 | CVE-2021-37148 | Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.0.1. | Traffic_server, Debian_linux | 7.5 | ||
| 2021-11-03 | CVE-2021-37149 | Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.1.0. | Traffic_server, Debian_linux | 7.5 |