Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache traffic server vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2021-41585
Improper Input Validation vulnerability in accepting socket connections in Apache Traffic Server allows an malicious user to make the server stop accepting new connections. This issue affects Apache Traffic Server 5.0.0 to 9.1.0.
Apache Traffic Server
5
CVSSv2
CVE-2020-17508
The ATS ESI plugin has a memory disclosure vulnerability. If you are running the plugin please upgrade. Apache Traffic Server versions 7.0.0 to 7.1.11 and 8.0.0 to 8.1.0 are affected.
Apache Traffic Server
7.5
CVSSv2
CVE-2021-43082
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in the stats-over-http plugin of Apache Traffic Server allows an malicious user to overwrite memory. This issue affects Apache Traffic Server 9.1.0.
Apache Traffic Server
5
CVSSv2
CVE-2021-27737
Apache Traffic Server 9.0.0 is vulnerable to a remote DOS attack on the experimental Slicer plugin.
Apache Traffic Server 9.0.0
7.5
CVSSv2
CVE-2014-3624
Apache Traffic Server 5.1.x prior to 5.1.1 allows remote malicious users to bypass access restrictions by leveraging failure to properly tunnel remap requests using CONNECT.
Apache Traffic Server 5.1.0
7.5
CVSSv2
CVE-2015-3249
The HTTP/2 experimental feature in Apache Traffic Server 5.3.x prior to 5.3.1 allows remote malicious users to cause a denial of service (out-of-bounds access and daemon crash) or possibly execute arbitrary code via vectors related to the (1) frame_handlers array or (2) set_dynam...
Apache Traffic Server 5.3.0
5
CVSSv2
CVE-2018-1318
Adding method ACLs in remap.config can cause a segfault when the user makes a carefully crafted request. This affects versions Apache Traffic Server (ATS) 6.0.0 to 6.2.2 and 7.0.0 to 7.1.3. To resolve this issue users running 6.x should upgrade to 6.2.3 or later versions and 7.x ...
Apache Traffic Server
Debian Debian Linux 9.0
5
CVSSv2
CVE-2021-32565
Invalid values in the Content-Length header sent to Apache Traffic Server allows an malicious user to smuggle requests. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1.
Apache Traffic Server
Debian Debian Linux 10.0
5
CVSSv2
CVE-2021-32567
Improper Input Validation vulnerability in HTTP/2 of Apache Traffic Server allows an malicious user to DOS the server. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1.
Apache Traffic Server
Debian Debian Linux 10.0
4
CVSSv2
CVE-2018-8004
There are multiple HTTP smuggling and cache poisoning issues when clients making malicious requests interact with Apache Traffic Server (ATS). This affects versions 6.0.0 to 6.2.2 and 7.0.0 to 7.1.3. To resolve this issue users running 6.x should upgrade to 6.2.3 or later version...
Apache Traffic Server
Debian Debian Linux 9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »