Vulnerabilities > Apache > Traffic Server
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-17 | CVE-2016-5396 | Resource Management Errors vulnerability in Apache Traffic Server Apache Traffic Server 6.0.0 to 6.2.0 are affected by an HPACK Bomb Attack. | 7.8 |
| 2015-01-13 | CVE-2014-10022 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apache Traffic Server Apache Traffic Server before 5.1.2 allows remote attackers to cause a denial of service via unspecified vectors, related to internal buffer sizing. | 5.0 |
| 2012-03-26 | CVE-2012-0256 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apache Traffic Server Apache Traffic Server 2.0.x and 3.0.x before 3.0.4 and 3.1.x before 3.1.3 does not properly allocate heap memory, which allows remote attackers to cause a denial of service (daemon crash) via a long HTTP Host header. | 5.0 |
| 2010-09-13 | CVE-2010-2952 | Improper Input Validation vulnerability in Apache Traffic Server 2.0.0/2.1.0/2.1.1 Apache Traffic Server before 2.0.1, and 2.1.x before 2.1.2-unstable, does not properly choose DNS source ports and transaction IDs, and does not properly use DNS query fields to validate responses, which makes it easier for man-in-the-middle attackers to poison the internal DNS cache via a crafted response. | 4.3 |