Lucene search
Veracode Vulnerability DatabaseVERACODE:28501HistoryDec 07, 2020 - 5:03 a.m.
Information Disclosure
2020-12-0705:03:14
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
0.001 Low
EPSS
Percentile
40.8%
trafficserver is vulnerable to information disclosure. The ATS ESI plugin allows an attacker to obtain confidential information.
| CPE | Name | Operator | Version |
|---|---|---|---|
| trafficserver:sid | eq | 8.1.0+ds-2 | |
| trafficserver:buster | eq | 8.0.2+ds-1+deb10u3 |
References
lists.apache.org/thread.html/r65434f7acca3aebf81b0588587149c893fe9f8f9f159eaa7364a70ff%40%3Cannounce.trafficserver.apache.org%3E
lists.apache.org/thread.html/r65434f7acca3aebf81b0588587149c893fe9f8f9f159eaa7364a70ff%40%3Cdev.trafficserver.apache.org%3E
security-tracker.debian.org/tracker/CVE-2020-17508
Related
ubuntucve
ubuntucve
CVE-2020-17508
2021-01-11 00:00:00
prion
prion
Design/Logic Flaw
2021-01-11 10:15:00
debiancve
debiancve
CVE-2020-17508
2021-01-11 10:15:13
nvd
nvd
CVE-2020-17508
2021-01-11 10:15:13
cve
cve
CVE-2020-17508
2021-01-11 10:15:13
osv
osv
CVE-2020-17508
2021-01-11 10:15:13
trafficserver - security update
2020-12-07 00:00:00
openvas
openvas
Apache Traffic Server (ATS) < 7.1.12, 8.x < 8.1.1 Information Disclosure Vulnerability
2021-01-18 00:00:00
Debian: Security Advisory (DSA-4805-1)
2020-12-08 00:00:00
cvelist
cvelist
CVE-2020-17508
2021-01-11 09:40:20
debian
debian
[SECURITY] [DSA 4805-1] trafficserver security update
2020-12-07 21:37:53
nessus
nessus
Debian DSA-4805-1 : trafficserver - security update
2020-12-08 00:00:00