Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache traffic server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2021-37150
Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an malicious user to request secure resources. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.
Apache Traffic Server
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
NA
CVE-2022-25763
Improper Input Validation vulnerability in HTTP/2 request validation of Apache Traffic Server allows an malicious user to create smuggle or cache poison attacks. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.
Apache Traffic Server
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
NA
CVE-2022-28129
Improper Input Validation vulnerability in HTTP/1.1 header parsing of Apache Traffic Server allows an malicious user to send invalid headers. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.
Apache Traffic Server
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
5
CVSSv2
CVE-2021-44040
Improper Input Validation vulnerability in request line parsing of Apache Traffic Server allows an malicious user to send invalid requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.3 and 9.0.0 to 9.1.1.
Apache Traffic Server
Debian Debian Linux 10.0
Debian Debian Linux 11.0
6.8
CVSSv2
CVE-2021-44759
Improper Authentication vulnerability in TLS origin validation of Apache Traffic Server allows an malicious user to create a man in the middle attack. This issue affects Apache Traffic Server 8.0.0 to 8.1.0.
Apache Traffic Server
Debian Debian Linux 10.0
Debian Debian Linux 11.0
5
CVSSv2
CVE-2022-23206
In Apache Traffic Control Traffic Ops before 6.1.0 or 5.1.6, an unprivileged user who can reach Traffic Ops over HTTPS can send a specially-crafted POST request to /user/login/oauth to scan a port of a server that Traffic Ops can reach.
Apache Traffic Control
5
CVSSv2
CVE-2021-37147
Improper input validation vulnerability in header parsing of Apache Traffic Server allows an malicious user to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.1.0.
Apache Traffic Server
Debian Debian Linux 10.0
Debian Debian Linux 11.0
5
CVSSv2
CVE-2021-37148
Improper input validation vulnerability in header parsing of Apache Traffic Server allows an malicious user to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.0.1.
Apache Traffic Server
Debian Debian Linux 10.0
Debian Debian Linux 11.0
5
CVSSv2
CVE-2021-37149
Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an malicious user to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.1.0.
Apache Traffic Server
Debian Debian Linux 10.0
Debian Debian Linux 11.0
7.5
CVSSv2
CVE-2021-43082
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in the stats-over-http plugin of Apache Traffic Server allows an malicious user to overwrite memory. This issue affects Apache Traffic Server 9.1.0.
Apache Traffic Server
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »