Apache: >> Traffic Server >> 9.0.0 Security Vulnerabilities
Stack-based Buffer Overflow vulnerability in cachekey plugin of Apache Traffic Server. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1.
CVSS Score
9.8
EPSS Score
0.092
Published
2021-06-30
Incorrect handling of url fragment vulnerability of Apache Traffic Server allows an attacker to poison the cache. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1.
CVSS Score
7.5
EPSS Score
0.012
Published
2021-06-29
Invalid values in the Content-Length header sent to Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1.
CVSS Score
7.5
EPSS Score
0.057
Published
2021-06-29
Apache Traffic Server 9.0.0 is vulnerable to a remote DOS attack on the experimental Slicer plugin.
CVSS Score
7.5
EPSS Score
0.095
Published
2021-05-14
Page 5