First published: Wed Aug 10 2022(Updated: )
Improper Input Validation vulnerability in HTTP/2 header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.
Credit: security@apache.org
Affected Software | Affected Version | How to fix |
---|---|---|
debian/trafficserver | <=8.0.2+ds-1+deb10u6 | 8.1.7-0+deb10u2 8.1.7+ds-1~deb11u1 9.2.0+ds-2+deb12u1 9.2.2+ds-1 |
Apache Traffic Server | >=8.0.0<=8.1.4 | |
Apache Traffic Server | >=9.0.0<=9.1.2 | |
Debian Debian Linux | =11.0 | |
Fedoraproject Fedora | =35 | |
Fedoraproject Fedora | =36 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.