CVE-2015-5168Apache Traffic Server vulnerability

5 documents5 sources
Severity
9.8CRITICALNVD
EPSS
1.9%
top 16.80%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apache Traffic Server
Timeline
PublishedSep 13
Latest updateMay 17

Description

Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic Server 5.3.x before 5.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2015-5206.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

NVDapache/traffic_server5.3.0, 5.3.1+1

🔴Vulnerability Details

3
GHSA
GHSA-qjwx-gw73-82qp: Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic Server 52022-05-17
CVEList
CVE-2015-5168: Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic Server 52017-09-13
OSV
CVE-2015-5168: Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic Server 52017-09-13

📋Vendor Advisories

1
Debian
CVE-2015-5168: trafficserver - Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic S...2015
CVE-2015-5168 — Apache Traffic Server vulnerability | cvebase