Описание
Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server. The configuration option proxy.config.http.push_method_enabled didn't function. However, by default the PUSH method is blocked in the ip_allow configuration file.This issue affects Apache Traffic Server: from 8.0.0 through 9.2.0.
8.x users should upgrade to 8.1.7 or later versions 9.x users should upgrade to 9.2.1 or later versions
Ссылки
- Mailing ListVendor Advisory
- Mailing ListThird Party Advisory
- Mailing List
- Mailing List
- Third Party Advisory
- Mailing ListVendor Advisory
- Mailing ListThird Party Advisory
- Mailing List
- Mailing List
- Third Party Advisory
Уязвимые конфигурации
Одно из
Одно из
Одно из
EPSS
7.5 High
CVSS3
Дефекты
Связанные уязвимости
Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server. The configuration option proxy.config.http.push_method_enabled didn't function. However, by default the PUSH method is blocked in the ip_allow configuration file.This issue affects Apache Traffic Server: from 8.0.0 through 9.2.0. 8.x users should upgrade to 8.1.7 or later versions 9.x users should upgrade to 9.2.1 or later versions
Improper Input Validation vulnerability in Apache Software Foundation ...
Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server. The configuration option proxy.config.http.push_method_enabled didn't function. However, by default the PUSH method is blocked in the ip_allow configuration file.This issue affects Apache Traffic Server: from 8.0.0 through 9.2.0. 8.x users should upgrade to 8.1.7 or later versions 9.x users should upgrade to 9.2.1 or later versions
Уязвимость веб-сервера Apache Traffic Server, существующая из-за недостаточной проверки входных данных, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
7.5 High
CVSS3