Filters
Apache Traffic ServerApache Traffic Server: Incomplete field name check allows request smuggling
7.5
First published (updated )
Apache Traffic ServerApache Traffic Server: Invalid Accept-Encoding can force forwarding requests
8.2
First published (updated )
Apache Traffic ServerApache Traffic Server: Incomplete check for chunked trailer section allows request smuggling
9.1
First published (updated )
Apache Traffic ServerApache Traffic Server: s3_auth plugin problem with hash calculation
7.5
First published (updated )
Apache Tomcat- Rapid Reset HTTP/2 vulnerability
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache Traffic ServerApache Traffic Server: Differential fuzzing for HTTP request parsing discrepancies
9.1
First published (updated )
Apache Traffic ServerApache Traffic Server: Invalid Range header causes a crash
7.5
First published (updated )
Debian Debian LinuxApache Traffic Server: Configuration option to block the PUSH method in ATS didn't work
7.5
First published (updated )
Apache Traffic ServerApache Traffic Server: s3_auth plugin problem with hash calculation
7.5
First published (updated )
Apache Traffic ServerApache Traffic Server: The TRACE method can be use to disclose network information
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache Traffic ServerApache Traffic Server: Security issues with the xdebug plugin
6.1
First published (updated )
Apache Traffic ServerApache Traffic Server: Improperly reading the client requests
5.3
First published (updated )
Apache Traffic ServerApache Traffic Server: Improperly handled requests can cause crashes in specific plugins
7.5
First published (updated )
Apache Traffic ServerImproper HTTP/2 scheme and method validation
7.5
First published (updated )
Apache Traffic ServerImproper input validation on HTTP/2 headers
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache Traffic ServerTransfer-Encoding not treated as hop-by-hop
7.5
First published (updated )
Apache Traffic ServerInsufficient Validation of HTTP/1.x Headers
7.5
First published (updated )
Debian Debian LinuxImproper authentication vulnerability in TLS origin verification
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache Traffic ServerHTTP request line fuzzing attacks
7.5
First published (updated )
Apache Traffic Serverheap-buffer-overflow with stats-over-http plugin
9.8
First published (updated )
Apache Traffic ServerATS stops accepting connections on FreeBSD
7.5
First published (updated )
Debian Debian LinuxNot validating origin TLS certificate
8.1
First published (updated )
Apache Traffic ServerRequest Smuggling - multiple attacks
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache Traffic ServerRequest Smuggling - transfer encoding validation
7.5
First published (updated )
Apache Traffic ServerRequest Smuggling - LF line ending
7.5
First published (updated )
Apache Traffic ServerDynamic stack buffer overflow in cachekey plugin
9.8
First published (updated )
Apache Traffic ServerReading HTTP/2 frames too many times
7.5
First published (updated )
Apache Traffic ServerSpecific sequence of HTTP/2 frames can cause ATS to crash
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache Traffic ServerHTTP Request Smuggling, content length with invalid charters
7.5
First published (updated )
Apache Traffic ServerIncorrect handling of url fragment leads to cache poisoning
7.5
First published (updated )
Apache Traffic ServerThe ATS ESI plugin has a memory disclosure vulnerability. If you are running the plugin please upgra…
7.5
First published (updated )
Apache Traffic ServerATS negative cache option is vulnerable to a cache poisoning attack. If you have this option enabled…
7.5
First published (updated )
Apache Traffic ServerApache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.10, and 8.0.0 to 8.0.7 is vulnerable to certain t…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache Traffic ServerApache ATS 6.0.0 to 6.2.3, 7.0.0 to 7.1.9, and 8.0.0 to 8.0.6 is vulnerable to a HTTP/2 slow read at…
7.5
First published (updated )
Apache Traffic ServerThere is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8.0.5…
9.8
First published (updated )
Apache Traffic ServerThere is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8.0.5…
9.8
First published (updated )
Apache Traffic ServerThere is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8.0.5…
9.8
First published (updated )
Apache Traffic ServerApache Traffic Server is vulnerable to HTTP/2 setting flood attacks. Earlier versions of Apache Traf…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Nodejs Node.jsSome HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service
7.8
First published (updated )
redhat/jbcs-httpd24-httpdSome HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service
7.5
First published (updated )
Nodejs Node.jsSome HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service
7.8
First published (updated )
Nodejs Node.jsSome HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service
7.8
First published (updated )
F5 Big-ip Local Traffic ManagerSome HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service
7.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
F5 Big-ip Local Traffic ManagerSome HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service
7.8
First published (updated )
Nodejs Node.jsSome HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service
7.8
First published (updated )
Nodejs Node.jsSome HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service
7.8
First published (updated )