11 matches found
OESA-2025-1904 trafficserver security update
Apache Traffic Server is an OpenSource HTTP / HTTPS / HTTP/2 / QUIC reverse, forward and transparent proxy and cache. Security Fixes: Apache Traffic Server ATS is a set of scalable HTTP proxy and caching servers from the Apache Foundation in the United States. Apache Traffic Server ATS versions...
OESA-2025-1732 trafficserver security update
Apache Traffic Server is an OpenSource HTTP / HTTPS / HTTP/2 / QUIC reverse, forward and transparent proxy and cache. Security Fixes: Apache Traffic Server ATS is a set of scalable HTTP proxy and caching servers from the Apache Foundation in the United States. Apache Traffic Server ATS versions...
Fedora: Security Advisory (FEDORA-2025-ed452354bb)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-5948-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2025-31698
A flaw was found in trafficserver. Access control lists ACLs configured within ipallow.config or remap.config incorrectly utilize IP addresses, failing to account for those provided by the PROXY protocol. This can allow an attacker to bypass intended access restrictions by manipulating the source...
CVE-2025-31698
ACL configured in ipallow.config or remap.config does not use IP addresses that are provided by PROXY protocol. Users can use a new setting proxy.config.acl.subjects to choose which IP addresses to use for the ACL if Apache Traffic Server is configured to accept PROXY protocol. This issue affects...
UBUNTU-CVE-2025-31698
ACL configured in ipallow.config or remap.config does not use IP addresses that are provided by PROXY protocol. Users can use a new setting proxy.config.acl.subjects to choose which IP addresses to use for the ACL if Apache Traffic Server is configured to accept PROXY protocol. This issue affects...
CVE-2025-31698
ACL configured in ipallow.config or remap.config does not use IP addresses that are provided by PROXY protocol. Users can use a new setting proxy.config.acl.subjects to choose which IP addresses to use for the ACL if Apache Traffic Server is configured to accept PROXY protocol. This issue affects...
CVE-2025-31698 Apache Traffic Server: Client IP address from PROXY protocol is not used for ACL
ACL configured in ipallow.config or remap.config does not use IP addresses that are provided by PROXY protocol. Users can use a new setting proxy.config.acl.subjects to choose which IP addresses to use for the ACL if Apache Traffic Server is configured to accept PROXY protocol. This issue affects...
CVE-2025-31698
Summary : CVE-2025-31698 affects Apache Traffic Server (ATS). The ACLs configured in ip_allow.config or remap.config may use IP addresses not provided by the PROXY protocol when ATS is configured to accept PROXY, exposing confidentiality. Affected ranges include 10.0.0–10.0.6 and 9.0.0–9.2.10. Ro...
CVE-2025-31698 Apache Traffic Server: Client IP address from PROXY protocol is not used for ACL
ACL configured in ipallow.config or remap.config does not use IP addresses that are provided by PROXY protocol. Users can use a new setting proxy.config.acl.subjects to choose which IP addresses to use for the ACL if Apache Traffic Server is configured to accept PROXY protocol. This issue affects...