Apache Traffic Server vulnerabilities
82 known vulnerabilities affecting apache/traffic_server.
Total CVEs
82
CISA KEV
1
actively exploited
Public exploits
1
Exploited in wild
1
Severity breakdown
CRITICAL12HIGH56MEDIUM14
Vulnerabilities
Page 5 of 5
CVE-2012-0256MEDIUMCVSS 5.0v2.0.0v2.0.1+17 more2012-03-26
CVE-2012-0256 [MEDIUM] CWE-119 CVE-2012-0256: Apache Traffic Server 2.0.x and 3.0.x before 3.0.4 and 3.1.x before 3.1.3 does not properly allocate
Apache Traffic Server 2.0.x and 3.0.x before 3.0.4 and 3.1.x before 3.1.3 does not properly allocate heap memory, which allows remote attackers to cause a denial of service (daemon crash) via a long HTTP Host header.
nvd
CVE-2010-2952MEDIUMCVSS 4.3≤ 2.0.0v2.1.0+1 more2010-09-13
CVE-2010-2952 [MEDIUM] CWE-20 CVE-2010-2952: Apache Traffic Server before 2.0.1, and 2.1.x before 2.1.2-unstable, does not properly choose DNS so
Apache Traffic Server before 2.0.1, and 2.1.x before 2.1.2-unstable, does not properly choose DNS source ports and transaction IDs, and does not properly use DNS query fields to validate responses, which makes it easier for man-in-the-middle attackers to poison the internal DNS cache via a crafted response.
nvd
← Previous5 / 5