2024-11-20 | CVE-2018-9481 | Integer Overflow or Wraparound vulnerability in multiple products In bta_hd_set_report_act of bta_hd_act.cc, there is a possible out-of-bounds read due to an integer overflow. | 6.5 |
2024-07-26 | CVE-2023-38522 | Unspecified vulnerability in Apache Traffic Server Apache Traffic Server accepts characters that are not allowed for HTTP field names and forwards malformed requests to origin servers. | 7.5 |
2024-07-26 | CVE-2024-35161 | Unspecified vulnerability in Apache Traffic Server Apache Traffic Server forwards malformed HTTP chunked trailer section to origin servers. | 7.5 |
2024-07-26 | CVE-2024-35296 | Unspecified vulnerability in Apache Traffic Server Invalid Accept-Encoding header can cause Apache Traffic Server to fail cache lookup and force forwarding requests. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4. Users are recommended to upgrade to version 8.1.11 or 9.2.5, which fixes the issue. | 8.2 |
2023-10-17 | CVE-2023-39456 | Improper Input Validation vulnerability in Apache Traffic Server with malformed HTTP/2 frames.This issue affects Apache Traffic Server: from 9.0.0 through 9.2.2. Users are recommended to upgrade to version 9.2.3, which fixes the issue. | 7.5 |
2023-10-17 | CVE-2023-41752 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Traffic Server.This issue affects Apache Traffic Server: from 8.0.0 through 8.1.8, from 9.0.0 through 9.2.2. Users are recommended to upgrade to version 8.1.9 or 9.2.3, which fixes the issue. | 7.5 |
2023-10-10 | CVE-2023-44487 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. | 7.5 |
2023-08-09 | CVE-2022-47185 | Unspecified vulnerability in Apache Traffic Server Improper input validation vulnerability on the range header in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: through 9.2.1. | 7.5 |
2023-08-09 | CVE-2023-33934 | Unspecified vulnerability in Apache Traffic Server Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: through 9.2.1. network low complexity apache critical | 9.1 |
2023-06-14 | CVE-2022-47184 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: 8.0.0 to 9.2.0. | 7.5 |