CVE-2014-10022Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Traffic Server

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer6 documents6 sources
Severity
5.0MEDIUMNVD
EPSS
2.7%
top 14.08%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apache Traffic Server
Timeline
PublishedJan 13
Latest updateMay 17

Description

Apache Traffic Server before 5.1.2 allows remote attackers to cause a denial of service via unspecified vectors, related to internal buffer sizing.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

3
GHSA
GHSA-3w3h-xp3m-9w36: Apache Traffic Server before 52022-05-17
CVEList
CVE-2014-10022: Apache Traffic Server before 52015-01-13
OSV
CVE-2014-10022: Apache Traffic Server before 52015-01-13

📋Vendor Advisories

1
Debian
CVE-2014-10022: trafficserver - Apache Traffic Server before 5.1.2 allows remote attackers to cause a denial of ...2014

💬Community

1
Bugzilla
CVE-2014-10022 trafficserver: incorrect handling of "Max-Forwards" header2015-01-06
CVE-2014-10022 — Apache Traffic Server vulnerability | cvebase