Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
traffic server vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2021-37149
Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an malicious user to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.1.0.
Apache Traffic Server
Debian Debian Linux 10.0
Debian Debian Linux 11.0
605
VMScore
CVE-2021-44759
Improper Authentication vulnerability in TLS origin validation of Apache Traffic Server allows an malicious user to create a man in the middle attack. This issue affects Apache Traffic Server 8.0.0 to 8.1.0.
Apache Traffic Server
Debian Debian Linux 10.0
Debian Debian Linux 11.0
445
VMScore
CVE-2021-44040
Improper Input Validation vulnerability in request line parsing of Apache Traffic Server allows an malicious user to send invalid requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.3 and 9.0.0 to 9.1.1.
Apache Traffic Server
Debian Debian Linux 10.0
Debian Debian Linux 11.0
NA
CVE-2022-25763
Improper Input Validation vulnerability in HTTP/2 request validation of Apache Traffic Server allows an malicious user to create smuggle or cache poison attacks. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.
Apache Traffic Server
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
NA
CVE-2022-31779
Improper Input Validation vulnerability in HTTP/2 header parsing of Apache Traffic Server allows an malicious user to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.
Apache Traffic Server
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
446
VMScore
CVE-2022-23206
In Apache Traffic Control Traffic Ops before 6.1.0 or 5.1.6, an unprivileged user who can reach Traffic Ops over HTTPS can send a specially-crafted POST request to /user/login/oauth to scan a port of a server that Traffic Ops can reach.
Apache Traffic Control
NA
CVE-2022-28129
Improper Input Validation vulnerability in HTTP/1.1 header parsing of Apache Traffic Server allows an malicious user to send invalid headers. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.
Apache Traffic Server
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
NA
CVE-2022-31780
Improper Input Validation vulnerability in HTTP/2 frame handling of Apache Traffic Server allows an malicious user to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.
Apache Traffic Server
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
NA
CVE-2021-37150
Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an malicious user to request secure resources. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.
Apache Traffic Server
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
356
VMScore
CVE-2021-42009
An authenticated Apache Traffic Control Traffic Ops user with Portal-level privileges can send a request with a specially-crafted email subject to the /deliveryservices/request Traffic Ops endpoint to send an email, from the Traffic Ops server, with an arbitrary body to an arbitr...
Apache Traffic Control
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »