Github.Com Apache Trafficcontrol V8 vulnerabilities
2 known vulnerabilities affecting github.com/apache_trafficcontrol_v8.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1LOW1
Vulnerabilities
Page 1 of 1
CVE-2024-45387P2HIGH≥ 8.0.0, < 8.0.22024-12-23
CVE-2024-45387 [HIGH] CWE-89 SQL injection in Apache Traffic Control
SQL injection in Apache Traffic Control
An SQL injection vulnerability in Traffic Ops in Apache Traffic Control = 8.0.0 allows a privileged user with role "admin", "federation", "operations", "portal", or "steering" to execute arbitrary SQL against the database by sending a specially-crafted PUT request.
Users are recommended to upgrade to version Apache Traffic Control 8.0.2 if you run an affected version of Traffic Ops.
ghsaosv
CVE-2025-61581P3LOW≥ 0, ≤ 8.0.22025-10-16
CVE-2025-61581 [LOW] CWE-1333 Apache Traffic Control has an Inefficient Regular Expression Complexity vulnerability
Apache Traffic Control has an Inefficient Regular Expression Complexity vulnerability
*** UNSUPPORTED WHEN ASSIGNED ***
Inefficient Regular Expression Complexity vulnerability in Apache Traffic Control.
This issue affects Apache Traffic Control: all versions.
People with access to the management interface of the Traffic Router component could specify malicious patterns and cause
ghsaosv