Page 2 of 46 results (0.008 seconds)

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: from 8.0.0 through 9.2.0. 8.x users should upgrade to 8.1.7 or later versions 9.x users should upgrade to 9.2.1 or later versions • https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs https://lists.debian.org/debian-lts-announce/2023/06/msg00037.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGWXNAEEVRUZ5JG4EJAIIFC3CI7LFETV https://www.debian.org/security/2023/dsa-5435 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: 8.0.0 to 9.2.0. • https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs https://lists.debian.org/debian-lts-announce/2023/06/msg00037.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGWXNAEEVRUZ5JG4EJAIIFC3CI7LFETV https://www.debian.org/security/2023/dsa-5435 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0

Improper Input Validation vulnerability for the xdebug plugin in Apache Software Foundation Apache Traffic Server can lead to cross site scripting and cache poisoning attacks.This issue affects Apache Traffic Server: 9.0.0 to 9.1.3. Users should upgrade to 9.1.4 or later versions. Una vulnerabilidad de validación de entrada incorrecta para el complemento xdebug en Apache Software Foundation Apache Traffic Server puede provocar ataques de envenenamiento de caché y Cross-Site Scripting. Este problema afecta a Apache Traffic Server: 9.0.0 a 9.1.3. Los usuarios deben actualizar a 9.1.4 o versiones posteriores. • https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0

Improper Check for Unusual or Exceptional Conditions vulnerability in handling the requests to Apache Traffic Server. This issue affects Apache Traffic Server 8.0.0 to 9.1.2. Vulnerabilidad de comprobación incorrecta de la condiciones inusuales o excepcionales en el manejo de las solicitudes al servidor Apache Traffic. Este problema afecta a Apache Traffic Server 8.0.0 a 9.1.2. • https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02 • CWE-754: Improper Check for Unusual or Exceptional Conditions •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

Improper Check for Unusual or Exceptional Conditions vulnerability handling requests in Apache Traffic Server allows an attacker to crash the server under certain conditions. This issue affects Apache Traffic Server: from 8.0.0 through 9.1.3. La vulnerabilidad de verificación inadecuada de condiciones inusuales o excepcionales que maneja solicitudes en Apache Traffic Server permite que un atacante bloquee el servidor bajo ciertas condiciones. Este problema afecta a Apache Traffic Server: desde 8.0.0 hasta 9.1.3. • https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02 • CWE-754: Improper Check for Unusual or Exceptional Conditions •