CVE-2022-25763
7.5HIGHImproper Input Validation vulnerability in HTTP/2 request validation of Apache Traffic Server allows an attacker to create smuggle or cache poison attacks. This issue affects Apache Traffic Server 8.0
Publicado: 8/10/2022Actualizado: 10/20/2025
Descripción
Improper Input Validation vulnerability in HTTP/2 request validation of Apache Traffic Server allows an attacker to create smuggle or cache poison attacks. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.
Análisis IAImpulsado por IA
Productos Afectados
apachetraffic_server
apachetraffic_server
debiandebian_linux
11.0
fedoraprojectfedora
35
fedoraprojectfedora
36
Referencias
- https://lists.apache.org/thread/rc64lwbdgrkv674koc3zl1sljr9vwg21Mailing ListVendor Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CJ67IWD5PRJUOIYIDJRUG3UMS2UF4X4J/Mailing ListThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZCSBQBYPOZSWS5LCOAQ6LJLRLXFIAW5A/Mailing ListThird Party Advisory
- https://www.debian.org/security/2022/dsa-5206Third Party Advisory
- https://lists.apache.org/thread/rc64lwbdgrkv674koc3zl1sljr9vwg21Mailing ListVendor Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CJ67IWD5PRJUOIYIDJRUG3UMS2UF4X4J/Mailing ListThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZCSBQBYPOZSWS5LCOAQ6LJLRLXFIAW5A/Mailing ListThird Party Advisory
- https://www.debian.org/security/2022/dsa-5206Third Party Advisory