Описание
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: from 8.0.0 through 9.2.0. 8.x users should upgrade to 8.1.7 or later versions 9.x users should upgrade to 9.2.1 or later versions
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| trafficserver | fixed | 9.2.1+ds-1 | package |
Примечания
https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs
https://github.com/apache/trafficserver/commit/867c48c1adf9e795c8d85c48d2d0f07f08aa87ec (master)
https://github.com/apache/trafficserver/commit/726a79cb2f70fcbe0e2139aab3fe56930d3d8c27 (9.2.1-rc0)
https://github.com/apache/trafficserver/commit/496fa2c4cbdf2b3d6c61760a3fb6675b74b549f0 (8.1.7)
EPSS
Связанные уязвимости
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: from 8.0.0 through 9.2.0. 8.x users should upgrade to 8.1.7 or later versions 9.x users should upgrade to 9.2.1 or later versions
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: from 8.0.0 through 9.2.0. 8.x users should upgrade to 8.1.7 or later versions 9.x users should upgrade to 9.2.1 or later versions
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: from 8.0.0 through 9.2.0. 8.x users should upgrade to 8.1.7 or later versions 9.x users should upgrade to 9.2.1 or later versions
Уязвимость веб-сервера Apache Traffic Server, связанная с недостаточной защитой служебных данных, позволяющая нарушителю получить несанкционированный доступ к конфиденциальной информации
EPSS