Veracode Vulnerability DatabaseVERACODE:36776Improper Input Validation
0.003 Low
EPSS
Percentile
68.0%
trafficserver is vulnerable to improper input validation vulnerability. The vulnerability exists in HTTP/2 header parsing of Apache Traffic Server which allows an attacker to smuggle requests.
References
lists.apache.org/thread/rc64lwbdgrkv674koc3zl1sljr9vwg21
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CJ67IWD5PRJUOIYIDJRUG3UMS2UF4X4J/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZCSBQBYPOZSWS5LCOAQ6LJLRLXFIAW5A/
lists.fedoraproject.org/archives/list/[email protected]/message/CJ67IWD5PRJUOIYIDJRUG3UMS2UF4X4J/
lists.fedoraproject.org/archives/list/[email protected]/message/ZCSBQBYPOZSWS5LCOAQ6LJLRLXFIAW5A/
security-tracker.debian.org/tracker/CVE-2022-31779
www.debian.org/security/2022/dsa-5206
Related
