4433 matches found
CVE-2022-25763
Improper Input Validation vulnerability in HTTP/2 request validation of Apache Traffic Server allows an attacker to create smuggle or cache poison attacks. This issue affects Apache Traffic Server 8.0.0 to 9.1.2...
CVE-2022-31779
Improper Input Validation vulnerability in HTTP/2 header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2...
CVE-2022-31780
Improper Input Validation vulnerability in HTTP/2 frame handling of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2...
CVE-2022-25763
Improper Input Validation vulnerability in HTTP/2 request validation of Apache Traffic Server allows an attacker to create smuggle or cache poison attacks. This issue affects Apache Traffic Server 8.0.0 to 9.1.2...
CVE-2022-31779
Improper Input Validation vulnerability in HTTP/2 header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2...
CVE-2022-25763
Improper Input Validation vulnerability in HTTP/2 request validation of Apache Traffic Server allows an attacker to create smuggle or cache poison attacks. This issue affects Apache Traffic Server 8.0.0 to 9.1.2...
CVE-2022-31780
Improper Input Validation vulnerability in HTTP/2 frame handling of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2...
Input validation
Improper Input Validation vulnerability in HTTP/2 header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2...
Input validation
Improper Input Validation vulnerability in HTTP/2 request validation of Apache Traffic Server allows an attacker to create smuggle or cache poison attacks. This issue affects Apache Traffic Server 8.0.0 to 9.1.2...
CVE-2022-31779
Improper Input Validation vulnerability in HTTP/2 header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2...
Input validation
Improper Input Validation vulnerability in HTTP/2 frame handling of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2...
CVE-2022-31779 Improper HTTP/2 scheme and method validation
Improper Input Validation vulnerability in HTTP/2 header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2...
CVE-2022-31779
CVE-2022-31779 affects Apache Traffic Server, where an improper input validation in HTTP/2 header parsing allows request smuggling. Affected: ATS 8.0.0–9.1.2. Impact: potential inconsistency or compromise via crafted requests (I: HIGH, A: NONE, C: NONE). Mitigation in public advisories: Debian fi...
CVE-2022-31779
Improper Input Validation vulnerability in HTTP/2 header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2...
CVE-2022-25763 Improper input validation on HTTP/2 headers
Improper Input Validation vulnerability in HTTP/2 request validation of Apache Traffic Server allows an attacker to create smuggle or cache poison attacks. This issue affects Apache Traffic Server 8.0.0 to 9.1.2...
CVE-2022-25763
Improper Input Validation vulnerability in HTTP/2 request validation of Apache Traffic Server allows an attacker to create smuggle or cache poison attacks. This issue affects Apache Traffic Server 8.0.0 to 9.1.2...
CVE-2022-25763
CVE-2022-25763 affects Apache Traffic Server 8.0.0–9.1.2 due to improper HTTP/2 request validation, enabling potential smuggle or cache-poison attacks. The initial document lists CVSS metrics (base 7.5/ HIGH) and impact as I:H, with no exploitation status provided. Remediation references exist in...
CVE-2022-31780 HTTP/2 framing vulnerabilities
Improper Input Validation vulnerability in HTTP/2 frame handling of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2...
CVE-2022-31780
Improper Input Validation vulnerability in HTTP/2 frame handling of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2...
CVE-2022-31780
CVE-2022-31780 affects Apache Traffic Server (8.0.0–9.1.2) with an improper input validation in HTTP/2 frame handling that can allow request smuggling. Connected advisories confirm fixes: Debian DLA-3279 (trafficserver 8.0.2+ds-1+deb10u7) and Fedora updates (trafficserver 9.1.3-1.fc36/1.fc35). Op...