Описание
Apache Traffic Server 5.1.x before 5.1.1 allows remote attackers to bypass access restrictions by leveraging failure to properly tunnel remap requests using CONNECT.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| trafficserver | fixed | 5.0.0-1 | package | |
| trafficserver | not-affected | wheezy | package |
Примечания
https://issues.apache.org/jira/browse/TS-2677
EPSS
Процентиль: 60%
0.00387
Низкий
Связанные уязвимости
CVSS3: 9.8
ubuntu
больше 8 лет назад
Apache Traffic Server 5.1.x before 5.1.1 allows remote attackers to bypass access restrictions by leveraging failure to properly tunnel remap requests using CONNECT.
CVSS3: 9.8
nvd
больше 8 лет назад
Apache Traffic Server 5.1.x before 5.1.1 allows remote attackers to bypass access restrictions by leveraging failure to properly tunnel remap requests using CONNECT.
CVSS3: 9.8
github
почти 4 года назад
Apache Traffic Server 5.1.x before 5.1.1 allows remote attackers to bypass access restrictions by leveraging failure to properly tunnel remap requests using CONNECT.
EPSS
Процентиль: 60%
0.00387
Низкий