Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache traffic server vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2022-40743
Improper Input Validation vulnerability for the xdebug plugin in Apache Software Foundation Apache Traffic Server can lead to cross site scripting and cache poisoning attacks.This issue affects Apache Traffic Server: 9.0.0 to 9.1.3. Users should upgrade to 9.1.4 or later versions...
Apache Traffic Server
7.5
CVSSv3
CVE-2022-32749
Improper Check for Unusual or Exceptional Conditions vulnerability handling requests in Apache Traffic Server allows an malicious user to crash the server under certain conditions. This issue affects Apache Traffic Server: from 8.0.0 up to and including 9.1.3.
Apache Traffic Server
7.5
CVSSv3
CVE-2023-33933
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: from 8.0.0 up to and including 9.2.0. 8.x users should upgrade to 8.1.7 or later versions 9.x users should upgrad...
Apache Traffic Server
9.1
CVSSv3
CVE-2023-33934
Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: up to and including 9.2.1.
Apache Traffic Server
9.8
CVSSv3
CVE-2021-43082
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in the stats-over-http plugin of Apache Traffic Server allows an malicious user to overwrite memory. This issue affects Apache Traffic Server 9.1.0.
Apache Traffic Server
7.5
CVSSv3
CVE-2020-17508
The ATS ESI plugin has a memory disclosure vulnerability. If you are running the plugin please upgrade. Apache Traffic Server versions 7.0.0 to 7.1.11 and 8.0.0 to 8.1.0 are affected.
Apache Traffic Server
7.5
CVSSv3
CVE-2022-47185
Improper input validation vulnerability on the range header in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: up to and including 9.2.1.
Apache Traffic Server
NA
CVE-2014-10022
Apache Traffic Server prior to 5.1.2 allows remote malicious users to cause a denial of service via unspecified vectors, related to internal buffer sizing.
Apache Traffic Server
7.5
CVSSv3
CVE-2017-5659
Apache Traffic Server prior to 6.2.1 generates a coredump when there is a mismatch between content length and chunked encoding.
Apache Traffic Server
7.5
CVSSv3
CVE-2019-10079
Apache Traffic Server is vulnerable to HTTP/2 setting flood attacks. Earlier versions of Apache Traffic Server didn't limit the number of setting frames sent from the client using the HTTP/2 protocol. Users should upgrade to Apache Traffic Server 7.1.7, 8.0.4, or later versi...
Apache Traffic Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »