CVE-2022-47185
published 2023-08-09CVE-2022-47185: Improper input validation vulnerability on the range header in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
Improper input validation vulnerability on the range header in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: through 9.2.1.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | traffic_server | 8.0.0 – 8.1.7 | — |
| apache | traffic_server | 9.0.0 – 9.2.1 | — |
| apache_software_foundation | apache_traffic_server | <= 9.2.1 | — |
| debian | trafficserver | < trafficserver 9.2.3+ds-1+deb12u1 (bookworm) | trafficserver 9.2.3+ds-1+deb12u1 (bookworm) |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH