CVE search results

61 – 70 of 74 results

Detailed view

Sort by:

CVE-2018-8005

Medium priority

Vulnerable

When there are multiple ranges in a range request, Apache Traffic Server (ATS) will read the entire object from cache. This can cause performance problems with large objects in cache. This affects versions 6.0.0 to 6.2.2 and 7.0.0...

1 affected package

trafficserver

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
trafficserver	Not affected	Not affected	Not affected	Vulnerable

CVE-2018-8004

Medium priority

Vulnerable

There are multiple HTTP smuggling and cache poisoning issues when clients making malicious requests interact with Apache Traffic Server (ATS). This affects versions 6.0.0 to 6.2.2 and 7.0.0 to 7.1.3. To resolve this issue users...

1 affected package

trafficserver

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
trafficserver	Not affected	Not affected	Not affected	Vulnerable

CVE-2018-1318

Low priority

Vulnerable

Adding method ACLs in remap.config can cause a segfault when the user makes a carefully crafted request. This affects versions Apache Traffic Server (ATS) 6.0.0 to 6.2.2 and 7.0.0 to 7.1.3. To resolve this issue users running 6.x...

1 affected package

trafficserver

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
trafficserver	Not affected	Not affected	Not affected	Vulnerable

CVE-2017-7671

Medium priority

Vulnerable

There is a DOS attack vulnerability in Apache Traffic Server (ATS) 5.2.0 to 5.3.2, 6.0.0 to 6.2.0, and 7.0.0 with the TLS handshake. This issue can cause the server to coredump.

1 affected package

trafficserver

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
trafficserver	Not affected	Not affected	Not affected	Not affected

CVE-2017-5660

Low priority

Vulnerable

There is a vulnerability in Apache Traffic Server (ATS) 6.2.0 and prior and 7.0.0 and prior with the Host header and line folding. This can have issues when interacting with upstream proxies and the wrong host being used.

1 affected package

trafficserver

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
trafficserver	Not affected	Not affected	Not affected	Not affected

CVE-2015-3249

Medium priority

Vulnerable

The HTTP/2 experimental feature in Apache Traffic Server 5.3.x before 5.3.1 allows remote attackers to cause a denial of service (out-of-bounds access and daemon crash) or possibly execute arbitrary code via vectors related to the...

1 affected package

trafficserver

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
trafficserver	Not affected	Not affected	Not affected	Not affected

CVE-2014-3624

Medium priority

Ignored

Apache Traffic Server 5.1.x before 5.1.1 allows remote attackers to bypass access restrictions by leveraging failure to properly tunnel remap requests using CONNECT.

1 affected package

trafficserver

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
trafficserver	—	—	—	Not affected

CVE-2015-5206

Low priority

Vulnerable

Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic Server before 5.3.x before 5.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2015-5168.

1 affected package

trafficserver

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
trafficserver	Not affected	Not affected	Not affected	Not affected

CVE-2015-5168

Low priority

Vulnerable

Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic Server 5.3.x before 5.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2015-5206.

1 affected package

trafficserver

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
trafficserver	Not affected	Not affected	Not affected	Not affected

CVE-2017-5659

Medium priority

Vulnerable

Apache Traffic Server before 6.2.1 generates a coredump when there is a mismatch between content length and chunked encoding.

1 affected package

trafficserver

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
trafficserver	Not affected	Not affected	Not affected	Not affected

Export to JSON

Results by page:

Search CVE reports