CVE-2022-31779

Опубликовано: 10 авг. 2022

Источник: debian

Описание

Improper Input Validation vulnerability in HTTP/2 header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
trafficserver	fixed	9.1.3+ds-1		package

Примечания

https://lists.apache.org/thread/rc64lwbdgrkv674koc3zl1sljr9vwg21

Связанные уязвимости

CVE-2022-31779

CVSS3: 7.5

ubuntu

больше 3 лет назад

Improper Input Validation vulnerability in HTTP/2 header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.

CVE-2022-31779

CVSS3: 7.5

nvd

больше 3 лет назад

Improper Input Validation vulnerability in HTTP/2 header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.

GHSA-449r-qg4g-v772

CVSS3: 7.5

github

больше 3 лет назад

Improper Input Validation vulnerability in HTTP/2 header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.