Apache

Traffic Server

80 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2023-33933

  • EPSS 0.12%
  • Published 14.06.2023 08:15:09
  • Last modified 13.02.2025 17:16:33

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: from 8.0.0 through 9.2.0. 8.x users should upgrade to 8.1.7 or later versions 9.x ...

7.5

CVE-2023-30631

  • EPSS 0.54%
  • Published 14.06.2023 08:15:09
  • Last modified 13.02.2025 17:16:25

Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server.  The configuration option proxy.config.http.push_method_enabled didn't function.  However, by default the PUSH method is blocked in the ip_allow configuratio...

7.5

CVE-2022-47184

  • EPSS 0.21%
  • Published 14.06.2023 08:15:08
  • Last modified 13.02.2025 17:15:48

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: 8.0.0 to 9.2.0.

6.1

CVE-2022-40743

  • EPSS 0.61%
  • Published 19.12.2022 12:15:11
  • Last modified 17.04.2025 15:15:47

Improper Input Validation vulnerability for the xdebug plugin in Apache Software Foundation Apache Traffic Server can lead to cross site scripting and cache poisoning attacks.This issue affects Apache Traffic Server: 9.0.0 to 9.1.3. Users should upgr...

5.3

CVE-2022-37392

  • EPSS 0.33%
  • Published 19.12.2022 11:15:10
  • Last modified 17.04.2025 15:15:46

Improper Check for Unusual or Exceptional Conditions vulnerability in handling the requests to Apache Traffic Server. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.

7.5

CVE-2022-32749

  • EPSS 0.54%
  • Published 19.12.2022 11:15:10
  • Last modified 17.04.2025 15:15:46

Improper Check for Unusual or Exceptional Conditions vulnerability handling requests in Apache Traffic Server allows an attacker to crash the server under certain conditions. This issue affects Apache Traffic Server: from 8.0.0 through 9.1.3.

7.5

CVE-2022-28129

  • EPSS 0.22%
  • Published 10.08.2022 06:15:08
  • Last modified 21.11.2024 06:56:48

Improper Input Validation vulnerability in HTTP/1.1 header parsing of Apache Traffic Server allows an attacker to send invalid headers. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.

7.5

CVE-2021-37150

  • EPSS 0.27%
  • Published 10.08.2022 06:15:08
  • Last modified 08.09.2025 19:15:31

Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an attacker to request secure resources. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.

7.5

CVE-2022-25763

  • EPSS 0.35%
  • Published 10.08.2022 06:15:08
  • Last modified 21.11.2024 06:52:57

Improper Input Validation vulnerability in HTTP/2 request validation of Apache Traffic Server allows an attacker to create smuggle or cache poison attacks. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.

7.5

CVE-2022-31778

  • EPSS 0.15%
  • Published 10.08.2022 06:15:08
  • Last modified 21.11.2024 07:05:17

Improper Input Validation vulnerability in handling the Transfer-Encoding header of Apache Traffic Server allows an attacker to poison the cache. This issue affects Apache Traffic Server 8.0.0 to 9.0.2.