Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache traffic server vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2020-9494
Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.10, and 8.0.0 to 8.0.7 is vulnerable to certain types of HTTP/2 HEADERS frames that can cause the server to allocate a large amount of memory and spin the thread.
Apache Traffic Server
Debian Debian Linux 10.0
7.5
CVSSv3
CVE-2023-41752
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Traffic Server.This issue affects Apache Traffic Server: from 8.0.0 up to and including 8.1.8, from 9.0.0 up to and including 9.2.2. Users are recommended to upgrade to version 8.1.9 or 9.2.3, whic...
Apache Traffic Server
Fedoraproject Fedora 37
Fedoraproject Fedora 38
7.5
CVSSv3
CVE-2023-39456
Improper Input Validation vulnerability in Apache Traffic Server with malformed HTTP/2 frames.This issue affects Apache Traffic Server: from 9.0.0 up to and including 9.2.2. Users are recommended to upgrade to version 9.2.3, which fixes the issue.
Apache Traffic Server
Fedoraproject Fedora 37
Fedoraproject Fedora 38
7.5
CVSSv3
CVE-2021-44040
Improper Input Validation vulnerability in request line parsing of Apache Traffic Server allows an malicious user to send invalid requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.3 and 9.0.0 to 9.1.1.
Apache Traffic Server
Debian Debian Linux 10.0
Debian Debian Linux 11.0
7.5
CVSSv3
CVE-2022-47184
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: 8.0.0 to 9.2.0.
Apache Traffic Server
Debian Debian Linux 11.0
Debian Debian Linux 12.0
7.5
CVSSv3
CVE-2021-37147
Improper input validation vulnerability in header parsing of Apache Traffic Server allows an malicious user to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.1.0.
Apache Traffic Server
Debian Debian Linux 10.0
Debian Debian Linux 11.0
7.5
CVSSv3
CVE-2021-37148
Improper input validation vulnerability in header parsing of Apache Traffic Server allows an malicious user to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.0.1.
Apache Traffic Server
Debian Debian Linux 10.0
Debian Debian Linux 11.0
7.5
CVSSv3
CVE-2019-9512
Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consum...
Apple Swiftnio
Apache Traffic Server
Debian Debian Linux 10.0
Nodejs Node.js
2 Github repositories
1 Article
8.1
CVSSv3
CVE-2021-44759
Improper Authentication vulnerability in TLS origin validation of Apache Traffic Server allows an malicious user to create a man in the middle attack. This issue affects Apache Traffic Server 8.0.0 to 8.1.0.
Apache Traffic Server
Debian Debian Linux 10.0
Debian Debian Linux 11.0
8.1
CVSSv3
CVE-2021-38161
Improper Authentication vulnerability in TLS origin verification of Apache Traffic Server allows for man in the middle attacks. This issue affects Apache Traffic Server 8.0.0 to 8.0.8.
Apache Traffic Server
Debian Debian Linux 10.0
Debian Debian Linux 11.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »