Lucene search
Veracode Vulnerability DatabaseVERACODE:28500HistoryDec 07, 2020 - 5:03 a.m.
Cache Poisoning
2020-12-0705:03:09
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
0.003 Low
EPSS
Percentile
65.4%
apache/trafficserver is vulnerable to cache poisoning. Insufficient validation of user inputs allow a remote attacker to send specially crafted data to the proxy server and poison negative server’s cache.
| CPE | Name | Operator | Version |
|---|---|---|---|
| trafficserver:sid | eq | 8.1.0+ds-2 | |
| trafficserver:buster | eq | 8.0.2+ds-1+deb10u3 |
References
lists.apache.org/thread.html/raa9f0589c26c4d146646425e51e2a33e1457492df9f7ea2019daa6d3%40%3Cannounce.trafficserver.apache.org%3E
lists.apache.org/thread.html/raa9f0589c26c4d146646425e51e2a33e1457492df9f7ea2019daa6d3%40%3Cdev.trafficserver.apache.org%3E
security-tracker.debian.org/tracker/CVE-2020-17509
Related
ubuntucve
ubuntucve
CVE-2020-17509
2021-01-11 00:00:00
osv
osv
CVE-2020-17509
2021-01-11 10:15:13
trafficserver - security update
2020-12-07 00:00:00
cvelist
cvelist
CVE-2020-17509
2021-01-11 09:40:20
nvd
nvd
CVE-2020-17509
2021-01-11 10:15:13
debiancve
debiancve
CVE-2020-17509
2021-01-11 10:15:13
cve
cve
CVE-2020-17509
2021-01-11 10:15:13
prion
prion
Design/Logic Flaw
2021-01-11 10:15:00
openvas
openvas
Debian: Security Advisory (DSA-4805-1)
2020-12-08 00:00:00
debian
debian
[SECURITY] [DSA 4805-1] trafficserver security update
2020-12-07 21:37:53
nessus
nessus
Debian DSA-4805-1 : trafficserver - security update
2020-12-08 00:00:00