Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-39456HistoryOct 17, 2023 - 7:15 a.m.
CVE-2023-39456
2023-10-1707:15:09
Debian Security Bug Tracker
security-tracker.debian.org
9
apache traffic server
input validation
http/2
upgrade
vulnerability
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
7.5
Confidence
High
EPSS
0.002
Percentile
64.8%
Improper Input Validation vulnerability in Apache Traffic Server with malformed HTTP/2 frames.This issue affects Apache Traffic Server: from 9.0.0 through 9.2.2. Users are recommended to upgrade to version 9.2.3, which fixes the issue.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | trafficserver | < 9.2.3+ds-1+deb12u1 | trafficserver_9.2.3+ds-1+deb12u1_all.deb |
| Debian | 11 | all | trafficserver | < 8.1.10+ds-1~deb11u1 | trafficserver_8.1.10+ds-1~deb11u1_all.deb |
| Debian | 999 | all | trafficserver | < 9.2.3+ds-1 | trafficserver_9.2.3+ds-1_all.deb |
Related
osv
osv
CVE-2023-39456
2023-10-17 07:15:09
veracode
veracode
Improper Input Validation
2023-11-04 13:22:48
cnvd
cnvd
Apache Traffic Server Input Validation Error Vulnerability (CNVD-2023-93321)
2023-10-25 00:00:00
vulnrichment
vulnrichment
nvd
nvd
CVE-2023-39456
2023-10-17 07:15:09
ubuntucve
ubuntucve
CVE-2023-39456
2023-10-17 00:00:00
prion
prion
Input validation
2023-10-17 07:15:00
cve
cve
CVE-2023-39456
2023-10-17 07:15:09
cvelist
cvelist
nessus
nessus
Fedora 38 : trafficserver (2023-5ff7bf1dd8)
2023-10-20 00:00:00
Fedora 37 : trafficserver (2023-54fadada12)
2023-10-20 00:00:00
Fedora 39 : trafficserver (2023-1caffb88af)
2023-11-07 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: trafficserver-9.2.3-1.fc38
2023-10-20 00:42:45
[SECURITY] Fedora 39 Update: trafficserver-9.2.3-1.fc39
2023-11-03 18:56:59
[SECURITY] Fedora 37 Update: trafficserver-9.2.3-1.fc37
2023-10-20 01:08:16
openvas
openvas
Fedora: Security Advisory (FEDORA-2023-1caffb88af)
2023-11-05 00:00:00
Fedora: Security Advisory for trafficserver (FEDORA-2023-5ff7bf1dd8)
2023-10-20 00:00:00
Fedora: Security Advisory for trafficserver (FEDORA-2023-54fadada12)
2023-10-22 00:00:00
debian
debian
[SECURITY] [DSA 5549-1] trafficserver security update
2023-11-05 19:57:05
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
7.5
Confidence
High
EPSS
0.002
Percentile
64.8%
Related for DEBIANCVE:CVE-2023-39456