Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache traffic server vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2020-17509
ATS negative cache option is vulnerable to a cache poisoning attack. If you have this option enabled, please upgrade or disable this feature. Apache Traffic Server versions 7.0.0 to 7.1.11 and 8.0.0 to 8.1.0 are affected.
Apache Traffic Server
7.5
CVSSv3
CVE-2019-10079
Apache Traffic Server is vulnerable to HTTP/2 setting flood attacks. Earlier versions of Apache Traffic Server didn't limit the number of setting frames sent from the client using the HTTP/2 protocol. Users should upgrade to Apache Traffic Server 7.1.7, 8.0.4, or later versi...
Apache Traffic Server
9.8
CVSSv3
CVE-2021-43082
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in the stats-over-http plugin of Apache Traffic Server allows an malicious user to overwrite memory. This issue affects Apache Traffic Server 9.1.0.
Apache Traffic Server
6.1
CVSSv3
CVE-2022-40743
Improper Input Validation vulnerability for the xdebug plugin in Apache Software Foundation Apache Traffic Server can lead to cross site scripting and cache poisoning attacks.This issue affects Apache Traffic Server: 9.0.0 to 9.1.3. Users should upgrade to 9.1.4 or later versions...
Apache Traffic Server
NA
CVE-2014-10022
Apache Traffic Server prior to 5.1.2 allows remote malicious users to cause a denial of service via unspecified vectors, related to internal buffer sizing.
Apache Traffic Server
7.5
CVSSv3
CVE-2018-8022
A carefully crafted invalid TLS handshake can cause Apache Traffic Server (ATS) to segfault. This affects version 6.2.2. To resolve this issue users running 6.2.2 should upgrade to 6.2.3 or later versions.
Apache Traffic Server
7.5
CVSSv3
CVE-2017-5659
Apache Traffic Server prior to 6.2.1 generates a coredump when there is a mismatch between content length and chunked encoding.
Apache Traffic Server
7.5
CVSSv3
CVE-2023-33933
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: from 8.0.0 up to and including 9.2.0. 8.x users should upgrade to 8.1.7 or later versions 9.x users should upgrad...
Apache Traffic Server
9.1
CVSSv3
CVE-2023-33934
Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: up to and including 9.2.1.
Apache Traffic Server
7.5
CVSSv3
CVE-2021-41585
Improper Input Validation vulnerability in accepting socket connections in Apache Traffic Server allows an malicious user to make the server stop accepting new connections. This issue affects Apache Traffic Server 5.0.0 to 9.1.0.
Apache Traffic Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »