Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Traffic_server
(Apache)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 69 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-03-23 | CVE-2021-44759 | Improper Authentication vulnerability in TLS origin validation of Apache Traffic Server allows an attacker to create a man in the middle attack. This issue affects Apache Traffic Server 8.0.0 to 8.1.0. | Traffic_server, Debian_linux | 8.1 | ||
| 2022-08-10 | CVE-2021-37150 | Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an attacker to request secure resources. This issue affects Apache Traffic Server 8.0.0 to 9.1.2. | Traffic_server, Debian_linux, Fedora | 7.5 | ||
| 2022-08-10 | CVE-2022-28129 | Improper Input Validation vulnerability in HTTP/1.1 header parsing of Apache Traffic Server allows an attacker to send invalid headers. This issue affects Apache Traffic Server 8.0.0 to 9.1.2. | Traffic_server, Debian_linux, Fedora | 7.5 | ||
| 2022-08-10 | CVE-2022-25763 | Improper Input Validation vulnerability in HTTP/2 request validation of Apache Traffic Server allows an attacker to create smuggle or cache poison attacks. This issue affects Apache Traffic Server 8.0.0 to 9.1.2. | Traffic_server, Debian_linux, Fedora | 7.5 | ||
| 2022-08-10 | CVE-2022-31778 | Improper Input Validation vulnerability in handling the Transfer-Encoding header of Apache Traffic Server allows an attacker to poison the cache. This issue affects Apache Traffic Server 8.0.0 to 9.0.2. | Traffic_server, Debian_linux | 7.5 | ||
| 2022-08-10 | CVE-2022-31779 | Improper Input Validation vulnerability in HTTP/2 header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2. | Traffic_server, Debian_linux, Fedora | 7.5 | ||
| 2022-08-10 | CVE-2022-31780 | Improper Input Validation vulnerability in HTTP/2 frame handling of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2. | Traffic_server, Debian_linux, Fedora | 7.5 | ||
| 2022-12-19 | CVE-2022-32749 | Improper Check for Unusual or Exceptional Conditions vulnerability handling requests in Apache Traffic Server allows an attacker to crash the server under certain conditions. This issue affects Apache Traffic Server: from 8.0.0 through 9.1.3. | Traffic_server | 7.5 | ||
| 2022-12-19 | CVE-2022-37392 | Improper Check for Unusual or Exceptional Conditions vulnerability in handling the requests to Apache Traffic Server. This issue affects Apache Traffic Server 8.0.0 to 9.1.2. | Traffic_server | 5.3 | ||
| 2022-12-19 | CVE-2022-40743 | Improper Input Validation vulnerability for the xdebug plugin in Apache Software Foundation Apache Traffic Server can lead to cross site scripting and cache poisoning attacks.This issue affects Apache Traffic Server: 9.0.0 to 9.1.3. Users should upgrade to 9.1.4 or later versions. | Traffic_server | 6.1 |