| Bug | Description |
|---|
| CVE-2024-31309 | HTTP/2 CONTINUATIONDoS attack can cause Apache Traffic Server to consu ... |
| CVE-2023-44487 | The HTTP/2 protocol allows a denial of service (server resource consum ... |
| CVE-2023-41752 | Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ... |
| CVE-2023-39456 | Improper Input Validation vulnerability in Apache Traffic Server with ... |
| CVE-2023-33934 | Improper Input Validation vulnerability in Apache Software Foundation ... |
| CVE-2023-33933 | Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ... |
| CVE-2023-30631 | Improper Input Validation vulnerability in Apache Software Foundation ... |
| CVE-2022-47185 | Improper input validation vulnerability on the range header in Apache ... |
| CVE-2022-47184 | Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ... |
| CVE-2022-40743 | Improper Input Validation vulnerability for the xdebug plugin in Apach ... |
| CVE-2022-37392 | Improper Check for Unusual or Exceptional Conditions vulnerability in ... |
| CVE-2022-32749 | Improper Check for Unusual or Exceptional Conditions vulnerability han ... |
| CVE-2022-31780 | Improper Input Validation vulnerability in HTTP/2 frame handling of Ap ... |
| CVE-2022-31779 | Improper Input Validation vulnerability in HTTP/2 header parsing of Ap ... |
| CVE-2022-31778 | Improper Input Validation vulnerability in handling the Transfer-Encod ... |
| CVE-2022-28129 | Improper Input Validation vulnerability in HTTP/1.1 header parsing of ... |
| CVE-2022-25763 | Improper Input Validation vulnerability in HTTP/2 request validation o ... |
| CVE-2021-44759 | Improper Authentication vulnerability in TLS origin validation of Apac ... |
| CVE-2021-44040 | Improper Input Validation vulnerability in request line parsing of Apa ... |
| CVE-2021-43082 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') ... |
| CVE-2021-41585 | Improper Input Validation vulnerability in accepting socket connection ... |
| CVE-2021-38161 | Improper Authentication vulnerability in TLS origin verification of Ap ... |
| CVE-2021-37150 | Improper Input Validation vulnerability in header parsing of Apache Tr ... |
| CVE-2021-37149 | Improper Input Validation vulnerability in header parsing of Apache Tr ... |
| CVE-2021-37148 | Improper input validation vulnerability in header parsing of Apache Tr ... |
| CVE-2021-37147 | Improper input validation vulnerability in header parsing of Apache Tr ... |
| CVE-2021-35474 | Stack-based Buffer Overflow vulnerability in cachekey plugin of Apache ... |
| CVE-2021-32567 | Improper Input Validation vulnerability in HTTP/2 of Apache Traffic Se ... |
| CVE-2021-32566 | Improper Input Validation vulnerability in HTTP/2 of Apache Traffic Se ... |
| CVE-2021-32565 | Invalid values in the Content-Length header sent to Apache Traffic Ser ... |
| CVE-2021-27737 | Apache Traffic Server 9.0.0 is vulnerable to a remote DOS attack on th ... |
| CVE-2021-27577 | Incorrect handling of url fragment vulnerability of Apache Traffic Ser ... |
| CVE-2020-17509 | ATS negative cache option is vulnerable to a cache poisoning attack. I ... |
| CVE-2020-17508 | The ATS ESI plugin has a memory disclosure vulnerability. If you are r ... |
| CVE-2020-9494 | Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.10, and 8.0.0 to 8. ... |
| CVE-2020-9481 | Apache ATS 6.0.0 to 6.2.3, 7.0.0 to 7.1.9, and 8.0.0 to 8.0.6 is vulne ... |
| CVE-2020-1944 | There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0. ... |
| CVE-2019-17565 | There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0. ... |
| CVE-2019-17559 | There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0. ... |
| CVE-2019-10079 | Apache Traffic Server is vulnerable to HTTP/2 setting flood attacks. E ... |
| CVE-2019-9518 | Some HTTP/2 implementations are vulnerable to a flood of empty frames, ... |
| CVE-2019-9515 | Some HTTP/2 implementations are vulnerable to a settings flood, potent ... |
| CVE-2019-9514 | Some HTTP/2 implementations are vulnerable to a reset flood, potential ... |
| CVE-2019-9512 | Some HTTP/2 implementations are vulnerable to ping floods, potentially ... |
| CVE-2018-11783 | sslheaders plugin extracts information from the client certificate and ... |
| CVE-2018-8040 | Pages that are rendered using the ESI plugin can have access to the co ... |
| CVE-2018-8022 | A carefully crafted invalid TLS handshake can cause Apache Traffic Ser ... |
| CVE-2018-8005 | When there are multiple ranges in a range request, Apache Traffic Serv ... |
| CVE-2018-8004 | There are multiple HTTP smuggling and cache poisoning issues when clie ... |
| CVE-2018-1318 | Adding method ACLs in remap.config can cause a segfault when the user ... |
| CVE-2017-7671 | There is a DOS attack vulnerability in Apache Traffic Server (ATS) 5.2 ... |
| CVE-2017-5660 | There is a vulnerability in Apache Traffic Server (ATS) 6.2.0 and prio ... |
| CVE-2017-5659 | Apache Traffic Server before 6.2.1 generates a coredump when there is ... |
| CVE-2016-5396 | Apache Traffic Server 6.0.0 to 6.2.0 are affected by an HPACK Bomb Att ... |
| CVE-2015-5206 | Unspecified vulnerability in the HTTP/2 experimental feature in Apache ... |
| CVE-2015-5168 | Unspecified vulnerability in the HTTP/2 experimental feature in Apache ... |
| CVE-2015-3249 | The HTTP/2 experimental feature in Apache Traffic Server 5.3.x before ... |
| CVE-2014-10022 | Apache Traffic Server before 5.1.2 allows remote attackers to cause a ... |
| CVE-2014-3624 | Apache Traffic Server 5.1.x before 5.1.1 allows remote attackers to by ... |
| CVE-2014-3525 | Unspecified vulnerability in Apache Traffic Server 3.x through 3.2.5, ... |
| CVE-2012-0256 | Apache Traffic Server 2.0.x and 3.0.x before 3.0.4 and 3.1.x before 3. ... |
| CVE-2010-2952 | Apache Traffic Server before 2.0.1, and 2.1.x before 2.1.2-unstable, d ... |