9 matches found
Debian: Security Advisory (DLA-3475-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 38 : trafficserver (2023-2e6bead58b)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-2e6bead58b advisory. Update to upstream 9.2.1; resolves CVE-2022-47184, CVE-2023-30631, CVE-2023-33933 Tenable has extracted the preceding description block directly fro...
[SECURITY] [DSA 5435-2] trafficserver security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5435-2 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 22, 2023 https://www.debian.org/security/faq -...
Debian DSA-5435-1 : trafficserver - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5435 advisory. - Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache...
[SECURITY] [DSA 5435-1] trafficserver security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5435-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 21, 2023 https://www.debian.org/security/faq -...
CVE-2023-30631
Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server. The configuration option proxy.config.http.pushmethodenabled didn't function. However, by default the PUSH method is blocked in the ipallow configuration file.This issue affects Apache Traffic Server:...
CVE-2023-30631
Apache Traffic Server (ATS) CVE-2023-30631: Improper input validation in the configuration option proxy.config.http.push_method_enabled caused the PUSH method handling to behave unexpectedly, potentially bypassing intended blocks. Affects ATS releases 8.0.0 through 9.2.0. Mitigation: upgrade to 8...
CVE-2023-30631
Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server. The configuration option proxy.config.http.pushmethodenabled didn't function. However, by default the PUSH method is blocked in the ipallow configuration file.This issue affects Apache Traffic Server:...
Apache Traffic Server (ATS) 8.x <= 8.1.6, 9.x <= 9.2.0 Multiple Vulnerabilities
Apache Traffic Server ATS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...