Traffic Server@9.0.1 Security Vulnerabilities and Issues — Traffic Server@9.0.1 CVE List

Lucene search

ApacheTraffic Server9.0.1

6 matches found

CVE•added 2021/06/30 8:15 a.m.•82 views

CVE-2021-35474

Stack-based Buffer Overflow vulnerability in cachekey plugin of Apache Traffic Server. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1.

9.8CVSS9.4AI score0.06342EPSS

CVE•added 2021/06/29 12:15 p.m.•73 views

CVE-2021-27577

Incorrect handling of url fragment vulnerability of Apache Traffic Server allows an attacker to poison the cache. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1.

7.5CVSS7.5AI score0.00521EPSS

CVE•added 2021/06/29 12:15 p.m.•73 views

CVE-2021-32565

Invalid values in the Content-Length header sent to Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1.

7.5CVSS7.5AI score0.02871EPSS

CVE•added 2021/06/30 8:15 a.m.•73 views

CVE-2021-32566

Improper Input Validation vulnerability in HTTP/2 of Apache Traffic Server allows an attacker to DOS the server. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1.

7.5CVSS7.5AI score0.03883EPSS

CVE•added 2021/06/30 8:15 a.m.•73 views

CVE-2021-32567

7.5CVSS7.5AI score0.03883EPSS

CVE•added 2021/11/03 4:15 p.m.•58 views

CVE-2021-37148

Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.0.1.

7.5CVSS7.4AI score0.00797EPSS