Vulnerabilities > Apache > Traffic Server > 3.1.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-22 | CVE-2019-10079 | Allocation of Resources Without Limits or Throttling vulnerability in Apache Traffic Server Apache Traffic Server is vulnerable to HTTP/2 setting flood attacks. | 7.5 |
| 2018-02-27 | CVE-2017-5660 | Improper Input Validation vulnerability in multiple products There is a vulnerability in Apache Traffic Server (ATS) 6.2.0 and prior and 7.0.0 and prior with the Host header and line folding. | 8.6 |
| 2017-04-17 | CVE-2017-5659 | Improper Input Validation vulnerability in Apache Traffic Server Apache Traffic Server before 6.2.1 generates a coredump when there is a mismatch between content length and chunked encoding. | 5.0 |
| 2015-01-13 | CVE-2014-10022 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apache Traffic Server Apache Traffic Server before 5.1.2 allows remote attackers to cause a denial of service via unspecified vectors, related to internal buffer sizing. | 5.0 |
| 2012-03-26 | CVE-2012-0256 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apache Traffic Server Apache Traffic Server 2.0.x and 3.0.x before 3.0.4 and 3.1.x before 3.1.3 does not properly allocate heap memory, which allows remote attackers to cause a denial of service (daemon crash) via a long HTTP Host header. | 5.0 |