Filtered by vendor Apache
Subscriptions
Filtered by product Traffic Server
Subscriptions
Total
70 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-5659 | 1 Apache | 1 Traffic Server | 2024-11-21 | N/A |
Apache Traffic Server before 6.2.1 generates a coredump when there is a mismatch between content length and chunked encoding. | ||||
CVE-2016-5396 | 1 Apache | 1 Traffic Server | 2024-11-21 | N/A |
Apache Traffic Server 6.0.0 to 6.2.0 are affected by an HPACK Bomb Attack. | ||||
CVE-2015-5206 | 1 Apache | 1 Traffic Server | 2024-11-21 | N/A |
Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic Server before 5.3.x before 5.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2015-5168. | ||||
CVE-2015-5168 | 1 Apache | 1 Traffic Server | 2024-11-21 | N/A |
Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic Server 5.3.x before 5.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2015-5206. | ||||
CVE-2015-3249 | 1 Apache | 1 Traffic Server | 2024-11-21 | N/A |
The HTTP/2 experimental feature in Apache Traffic Server 5.3.x before 5.3.1 allows remote attackers to cause a denial of service (out-of-bounds access and daemon crash) or possibly execute arbitrary code via vectors related to the (1) frame_handlers array or (2) set_dynamic_table_size function. | ||||
CVE-2014-3624 | 1 Apache | 1 Traffic Server | 2024-11-21 | N/A |
Apache Traffic Server 5.1.x before 5.1.1 allows remote attackers to bypass access restrictions by leveraging failure to properly tunnel remap requests using CONNECT. | ||||
CVE-2014-3525 | 1 Apache | 1 Traffic Server | 2024-11-21 | N/A |
Unspecified vulnerability in Apache Traffic Server 3.x through 3.2.5, 4.x before 4.2.1.1, and 5.x before 5.0.1 has unknown impact and attack vectors, possibly related to health checks. | ||||
CVE-2014-10022 | 1 Apache | 1 Traffic Server | 2024-11-21 | N/A |
Apache Traffic Server before 5.1.2 allows remote attackers to cause a denial of service via unspecified vectors, related to internal buffer sizing. | ||||
CVE-2012-0256 | 1 Apache | 1 Traffic Server | 2024-11-21 | N/A |
Apache Traffic Server 2.0.x and 3.0.x before 3.0.4 and 3.1.x before 3.1.3 does not properly allocate heap memory, which allows remote attackers to cause a denial of service (daemon crash) via a long HTTP Host header. | ||||
CVE-2010-2952 | 1 Apache | 1 Traffic Server | 2024-11-21 | N/A |
Apache Traffic Server before 2.0.1, and 2.1.x before 2.1.2-unstable, does not properly choose DNS source ports and transaction IDs, and does not properly use DNS query fields to validate responses, which makes it easier for man-in-the-middle attackers to poison the internal DNS cache via a crafted response. |