Vulnerabilities > Apache > Traffic Server > 9.1.0

DATE CVE VULNERABILITY TITLE RISK
2022-08-10 CVE-2021-37150 Improper Input Validation vulnerability in multiple products
Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an attacker to request secure resources.
network
low complexity
apache debian fedoraproject CWE-20
7.5
7.5
2022-08-10 CVE-2022-25763 HTTP Request Smuggling vulnerability in multiple products
Improper Input Validation vulnerability in HTTP/2 request validation of Apache Traffic Server allows an attacker to create smuggle or cache poison attacks.
network
low complexity
apache debian fedoraproject CWE-444
7.5
7.5
2022-08-10 CVE-2022-28129 Improper Input Validation vulnerability in multiple products
Improper Input Validation vulnerability in HTTP/1.1 header parsing of Apache Traffic Server allows an attacker to send invalid headers.
network
low complexity
apache debian fedoraproject CWE-20
7.5
7.5
2022-08-10 CVE-2022-31778 Improper Input Validation vulnerability in multiple products
Improper Input Validation vulnerability in handling the Transfer-Encoding header of Apache Traffic Server allows an attacker to poison the cache.
network
low complexity
apache debian CWE-20
7.5
7.5
2022-08-10 CVE-2022-31779 Improper Input Validation vulnerability in multiple products
Improper Input Validation vulnerability in HTTP/2 header parsing of Apache Traffic Server allows an attacker to smuggle requests.
network
low complexity
apache debian fedoraproject CWE-20
7.5
7.5
2022-08-10 CVE-2022-31780 Improper Input Validation vulnerability in multiple products
Improper Input Validation vulnerability in HTTP/2 frame handling of Apache Traffic Server allows an attacker to smuggle requests.
network
low complexity
apache debian fedoraproject CWE-20
7.5
7.5
2022-03-23 CVE-2021-44040 Improper Input Validation vulnerability in multiple products
Improper Input Validation vulnerability in request line parsing of Apache Traffic Server allows an attacker to send invalid requests.
network
low complexity
apache debian CWE-20
7.5
7.5
2021-11-03 CVE-2021-37147 HTTP Request Smuggling vulnerability in multiple products
Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests.
network
low complexity
apache debian CWE-444
7.5
7.5
2021-11-03 CVE-2021-37149 Improper Input Validation vulnerability in multiple products
Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests.
network
low complexity
apache debian CWE-20
7.5
7.5
2021-11-03 CVE-2021-41585 Improper Input Validation vulnerability in Apache Traffic Server
Improper Input Validation vulnerability in accepting socket connections in Apache Traffic Server allows an attacker to make the server stop accepting new connections.
network
low complexity
apache CWE-20
5.0
5.0