Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2024-53868

🗓️ 03 Apr 2025 08:59:02Reported by apacheType 
cve
 cve🔗 web.nvd.nist.gov👁 401 Views

Apache Traffic Server vulnerable to request smuggling due to malformed chunked messages. Upgrade recommended.

Related
Detection
Affected
Refs
ReporterTitlePublishedViews
Family
AlpineLinux		CVE-2024-53868
3 Apr 202508:59
alpinelinux
BDU FSTEC		The vulnerability of the Apache Traffic Server web server, related to defects in the processing of HTTP request headers, allows attackers to send hidden HTTP requests (HTTP Request Smuggling attack).
7 Apr 202500:00
bdu_fstec
Circl		CVE-2024-53868
3 Apr 202509:34
circl
CNNVD		Apache Traffic Server(ATS) 环境问题漏洞
3 Apr 202500:00
cnnvd
CNVD		Apache Traffic Server (ATS) Environment Issue Vulnerability
8 May 202500:00
cnvd
Cvelist		CVE-2024-53868 Apache Traffic Server: Malformed chunked message body allows request smuggling
3 Apr 202508:59
cvelist
Debian		[SECURITY] [DSA 5948-1] trafficserver security update
24 Jun 202519:43
debian
Debian CVE		CVE-2024-53868
3 Apr 202508:59
debiancve
Tenable Nessus		Debian dsa-5948 : trafficserver - security update
25 Jun 202500:00
nessus
Tenable Nessus		Fedora 40 : trafficserver (2025-3467f5b68d)
23 Apr 202500:00
nessus
Rows per page
NVD
Vulners
Node
apachetraffic_serverRange9.0.09.2.10
OR
apachetraffic_serverRange10.0.010.0.5
[
  {
    "defaultStatus": "unaffected",
    "product": "Apache Traffic Server",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "lessThanOrEqual": "9.2.9",
        "status": "affected",
        "version": "9.2.0",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "10.0.4",
        "status": "affected",
        "version": "10.0.0",
        "versionType": "semver"
      }
    ]
  }
]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
29 Apr 2025 20:42Current
7.2High risk
Vulners AI Score7.2
CVSS 3.17.5
EPSS0.00568
SSVC
CWE-444
apache traffic server issuerequest smuggling vulnerabilitychunked messagesversion upgrade required
401