97 matches found
CVE-2022-23206
In Apache Traffic Control Traffic Ops prior to 6.1.0 or 5.1.6, an unprivileged user who can reach Traffic Ops over HTTPS can send a specially-crafted POST request to /user/login/oauth to scan a port of a server that Traffic Ops can reach...
GO-2025-4033 Apache Traffic Control has an Inefficient Regular Expression Complexity vulnerability in github.com/apache/trafficcontrol
Apache Traffic Control has an Inefficient Regular Expression Complexity vulnerability in github.com/apache/trafficcontrol...
CVE-2025-61581
UNSUPPORTED WHEN ASSIGNED Inefficient Regular Expression Complexity vulnerability in Apache Traffic Control. This issue affects Apache Traffic Control: all versions. People with access to the management interface of the Traffic Router component could specify malicious patterns and cause...
GHSA-9M49-P2J3-C6XM Apache Traffic Control has an Inefficient Regular Expression Complexity vulnerability
UNSUPPORTED WHEN ASSIGNED Inefficient Regular Expression Complexity vulnerability in Apache Traffic Control. This issue affects Apache Traffic Control: all versions. People with access to the management interface of the Traffic Router component could specify malicious patterns and cause...
Apache Traffic Control has an Inefficient Regular Expression Complexity vulnerability
UNSUPPORTED WHEN ASSIGNED Inefficient Regular Expression Complexity vulnerability in Apache Traffic Control. This issue affects Apache Traffic Control: all versions. People with access to the management interface of the Traffic Router component could specify malicious patterns and cause...
EUVD-2025-34739
Apache Traffic Control has an Inefficient Regular Expression Complexity vulnerability...
CVE-2025-61581
UNSUPPORTED WHEN ASSIGNED Inefficient Regular Expression Complexity vulnerability in Apache Traffic Control. This issue affects Apache Traffic Control: all versions. People with access to the management interface of the Traffic Router component could specify malicious patterns and cause...
CVE-2025-61581
UNSUPPORTED WHEN ASSIGNED Inefficient Regular Expression Complexity vulnerability in Apache Traffic Control. This issue affects Apache Traffic Control: all versions. People with access to the management interface of the Traffic Router component could specify malicious patterns and cause...
CVE-2025-61581 Apache Traffic Control: ReDoS issue in Traffic Router configuration
UNSUPPORTED WHEN ASSIGNED Inefficient Regular Expression Complexity vulnerability in Apache Traffic Control. This issue affects Apache Traffic Control: all versions. People with access to the management interface of the Traffic Router component could specify malicious patterns and cause...
CVE-2025-61581 Apache Traffic Control: ReDoS issue in Traffic Router configuration
UNSUPPORTED WHEN ASSIGNED Inefficient Regular Expression Complexity vulnerability in Apache Traffic Control. This issue affects Apache Traffic Control: all versions. People with access to the management interface of the Traffic Router component could specify malicious patterns and cause...
CVE-2025-61581
CVE-2025-61581 describes an Inefficient Regular Expression Complexity vulnerability in Apache Traffic Control affecting all versions. The description states that users with access to the Traffic Router management interface could supply malicious patterns, potentially causing unavailability. The p...
Apache Traffic Control 安全漏洞
Apache Traffic Control is a distributed, scalable content delivery solution from the Apache USA Foundation. The product is primarily used to build large-scale content delivery networks. A security vulnerability exists in Apache Traffic Control that stems from a malicious pattern that can be...
EUVD-2021-1372
Malware in sbrugna...
EUVD-2021-0918
Malware in sbrugna...
EUVD-2021-2206
Malware in sbrugna...
EUVD-2022-3672
Malicious code in bioql PyPI...
EUVD-2022-4555
Malicious code in bioql PyPI...
EUVD-2022-1233
Malicious code in bioql PyPI...
CVE-2021-42009
An authenticated Apache Traffic Control Traffic Ops user with Portal-level privileges can send a request with a specially-crafted email subject to the /deliveryservices/request Traffic Ops endpoint to send an email, from the Traffic Ops server, with an arbitrary body to an arbitrary email address...
CVE-2019-12405
Improper authentication is possible in Apache Traffic Control versions 3.0.0 and 3.0.1 if LDAP is enabled for login in the Traffic Ops API component. Given a username for a user that can be authenticated via LDAP, it is possible to improperly authenticate as that user without that user's correct...