Page 5 of 29 results (0.010 seconds)

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.1.0. Una vulnerabilidad de Comprobación de entrada inapropiada en el análisis de encabezados de Apache Traffic Server permite a un atacante colar peticiones. Este problema afecta a Apache Traffic Server versiones 8.0.0 a 8.1.2 y 9.0.0 a 9.1.0 • https://lists.apache.org/thread/k01797hyncx53659wr3o72s5cvkc3164 https://www.debian.org/security/2022/dsa-5153 • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.0.1. Una vulnerabilidad de comprobación de entrada inapropiada en el análisis de encabezados de Apache Traffic Server permite a un atacante contrabandear peticiones. Este problema afecta a Apache Traffic Server versiones 8.0.0 a 8.1.2 y 9.0.0 a 9.0.1 • https://lists.apache.org/thread/k01797hyncx53659wr3o72s5cvkc3164 https://www.debian.org/security/2022/dsa-5153 • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.1.0. Una vulnerabilidad de comprobación de entrada inapropiada en el análisis de encabezados de Apache Traffic Server permite a un atacante contrabandear peticiones. Este problema afecta a Apache Traffic Server versiones 8.0.0 a 8.1.2 y 9.0.0 a 9.1.0 • https://lists.apache.org/thread/k01797hyncx53659wr3o72s5cvkc3164 https://www.debian.org/security/2022/dsa-5153 • CWE-20: Improper Input Validation CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •

CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0

Stack-based Buffer Overflow vulnerability in cachekey plugin of Apache Traffic Server. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1. Una vulnerabilidad de desbordamiento del búfer en la región stack de la memoria en el plugin cachekey de Apache Traffic Server. Este problema afecta a Apache Traffic Server 7.0.0 a 7.1.12, 8.0.0 a 8.1.1, 9.0.0 a 9.0.1 • https://lists.apache.org/thread.html/ra1a41ff92a70d25bf576d7da2590575e8ff430393a3f4a0c34de4277%40%3Cusers.trafficserver.apache.org%3E https://www.debian.org/security/2021/dsa-4957 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

Improper Input Validation vulnerability in HTTP/2 of Apache Traffic Server allows an attacker to DOS the server. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1. Una vulnerabilidad de comprobación inapropiada de entrada en HTTP/2 de Apache Traffic Server, permite a un atacante realizar un DOS en el servidor. Este problema afecta a Apache Traffic Server versiones 7.0.0 hasta 7.1.12, versiones 8.0.0 hasta 8.1.1, versiones 9.0.0 hasta 9.0.1 • https://lists.apache.org/thread.html/ra1a41ff92a70d25bf576d7da2590575e8ff430393a3f4a0c34de4277%40%3Cusers.trafficserver.apache.org%3E https://www.debian.org/security/2021/dsa-4957 • CWE-20: Improper Input Validation •