CVE-2018-8022

2018-08-2913:29:02

Google

osv.dev

6.8 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.8%

JSON

A carefully crafted invalid TLS handshake can cause Apache Traffic Server (ATS) to segfault. This affects version 6.2.2. To resolve this issue users running 6.2.2 should upgrade to 6.2.3 or later versions.

References

www.securityfocus.com/bid/105183

github.com/apache/trafficserver/pull/2147

lists.apache.org/thread.html/ce404d2fe16cc59085ece5a6236ccd1549def471a2a9508198d966b1%40%3Cusers.trafficserver.apache.org%3E