Search CVE reports
1 – 10 of 72 results
CVE-2024-53868
Medium priorityApache Traffic Server allows request smuggling if chunked messages are malformed. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.9, from 10.0.0 through 10.0.4. Users are recommended to upgrade to version 9.2.10...
1 affected package
trafficserver
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| trafficserver | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-56196
Medium priorityImproper Access Control vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 10.0.0 through 10.0.3. Users are recommended to upgrade to version 10.0.4, which fixes the issue.
1 affected package
trafficserver
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| trafficserver | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-56195
Medium priorityImproper Access Control vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.8, from 10.0.0 through 10.0.3. Users are recommended to upgrade to version 9.2.9 or 10.0.4, which...
1 affected package
trafficserver
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| trafficserver | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-38311
Medium priorityImproper Input Validation vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.11, from 9.0.0 through 9.2.8, from 10.0.0 through 10.0.3. Users are recommended to upgrade to...
1 affected package
trafficserver
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| trafficserver | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-56202
Medium priorityExpected Behavior Violation vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 9.0.0 through 9.2.8, from 10.0.0 through 10.0.3. Users are recommended to upgrade to versions 9.2.9 or 10.0.4 or...
1 affected package
trafficserver
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| trafficserver | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-50306
Medium priorityUnchecked return value can allow Apache Traffic Server to retain privileges on startup. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.5, from 10.0.0 through 10.0.1. Users are recommended to upgrade to version...
1 affected package
trafficserver
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| trafficserver | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-50305
Medium priorityValid Host header field can cause Apache Traffic Server to crash on some platforms. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.5. Users are recommended to upgrade to version 9.2.6, which fixes the issue, or...
1 affected package
trafficserver
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| trafficserver | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-38479
Medium priorityImproper Input Validation vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.11, from 9.0.0 through 9.2.5. Users are recommended to upgrade to version 9.2.6, which fixes the...
1 affected package
trafficserver
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| trafficserver | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-35296
Medium priorityInvalid Accept-Encoding header can cause Apache Traffic Server to fail cache lookup and force forwarding requests. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4. Users are...
1 affected package
trafficserver
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| trafficserver | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-35161
Medium priorityApache Traffic Server forwards malformed HTTP chunked trailer section to origin servers. This can be utilized for request smuggling and may also lead cache poisoning if the origin servers are vulnerable. This issue affects Apache...
1 affected package
trafficserver
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| trafficserver | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |