Shodan
Vulnerabilities
Vulnerable Software
Apache:  >> Traffic Server  >> 9.2.0  Security Vulnerabilities
CVE-2023-39456
Improper Input Validation vulnerability in Apache Traffic Server with malformed HTTP/2 frames.This issue affects Apache Traffic Server: from 9.0.0 through 9.2.2. Users are recommended to upgrade to version 9.2.3, which fixes the issue.
CVSS Score
7.5
EPSS Score
0.073
Published
2023-10-17
CVE-2023-41752
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Traffic Server.This issue affects Apache Traffic Server: from 8.0.0 through 8.1.8, from 9.0.0 through 9.2.2. Users are recommended to upgrade to version 8.1.9 or 9.2.3, which fixes the issue.
CVSS Score
7.5
EPSS Score
0.003
Published
2023-10-17
CVE-2023-44487
Known exploited
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVSS Score
7.5
EPSS Score
0.944
Published
2023-10-10
CVE-2023-33934
Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: through 9.2.1.
CVSS Score
9.1
EPSS Score
0.003
Published
2023-08-09
CVE-2022-47185
Improper input validation vulnerability on the range header in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: through 9.2.1.
CVSS Score
7.5
EPSS Score
0.004
Published
2023-08-09
CVE-2023-30631
Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server.  The configuration option proxy.config.http.push_method_enabled didn't function.  However, by default the PUSH method is blocked in the ip_allow configuration file.This issue affects Apache Traffic Server: from 8.0.0 through 9.2.0. 8.x users should upgrade to 8.1.7 or later versions 9.x users should upgrade to 9.2.1 or later versions
CVSS Score
7.5
EPSS Score
0.005
Published
2023-06-14
CVE-2023-33933
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: from 8.0.0 through 9.2.0. 8.x users should upgrade to 8.1.7 or later versions 9.x users should upgrade to 9.2.1 or later versions
CVSS Score
7.5
EPSS Score
0.001
Published
2023-06-14
CVE-2022-47184
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: 8.0.0 to 9.2.0.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-06-14


Products
Pricing
Contact Us

Shodan ® - All rights reserved