Vulnerabilities > Apache > Traffic Server > 9.0.1

DATE CVE VULNERABILITY TITLE RISK
2022-03-23 CVE-2021-44040 Improper Input Validation vulnerability in multiple products
Improper Input Validation vulnerability in request line parsing of Apache Traffic Server allows an attacker to send invalid requests.
network
low complexity
apache debian CWE-20
7.5
7.5
2021-11-03 CVE-2021-37147 Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests.
network
low complexity
apache debian
7.5
7.5
2021-11-03 CVE-2021-37148 Improper Input Validation vulnerability in multiple products
Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests.
network
low complexity
apache debian CWE-20
7.5
7.5
2021-11-03 CVE-2021-37149 Improper Input Validation vulnerability in multiple products
Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests.
network
low complexity
apache debian CWE-20
7.5
7.5
2021-11-03 CVE-2021-41585 Improper Input Validation vulnerability in Apache Traffic Server
Improper Input Validation vulnerability in accepting socket connections in Apache Traffic Server allows an attacker to make the server stop accepting new connections.
network
low complexity
apache CWE-20
7.5
7.5
2021-11-03 CVE-2021-43082 Classic Buffer Overflow vulnerability in Apache Traffic Server
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in the stats-over-http plugin of Apache Traffic Server allows an attacker to overwrite memory.
network
low complexity
apache CWE-120
critical
 9.8
9.8
2021-06-30 CVE-2021-32566 Improper Input Validation vulnerability in multiple products
Improper Input Validation vulnerability in HTTP/2 of Apache Traffic Server allows an attacker to DOS the server.
network
low complexity
apache debian CWE-20
7.5
7.5
2021-06-30 CVE-2021-32567 Improper Input Validation vulnerability in multiple products
Improper Input Validation vulnerability in HTTP/2 of Apache Traffic Server allows an attacker to DOS the server.
network
low complexity
apache debian CWE-20
7.5
7.5
2021-06-30 CVE-2021-35474 Out-of-bounds Write vulnerability in multiple products
Stack-based Buffer Overflow vulnerability in cachekey plugin of Apache Traffic Server.
network
low complexity
apache debian CWE-787
critical
 9.8
9.8
2021-06-29 CVE-2021-27577 HTTP Request Smuggling vulnerability in multiple products
Incorrect handling of url fragment vulnerability of Apache Traffic Server allows an attacker to poison the cache.
network
low complexity
apache debian CWE-444
7.5
7.5