How severe is CVE-2022-25763?

CVE-2022-25763 has a CVSS v3 score of 7.5 (HIGH).

CVE-2022-25763

7.5HIGH

Improper Input Validation vulnerability in HTTP/2 request validation of Apache Traffic Server allows an attacker to create smuggle or cache poison attacks. This issue affects Apache Traffic Server 8.0

게시됨: 8/10/2022업데이트됨: 10/20/2025

설명

Improper Input Validation vulnerability in HTTP/2 request validation of Apache Traffic Server allows an attacker to create smuggle or cache poison attacks. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.

AI 분석AI 기반

영향받는 제품

apachetraffic_server

debiandebian_linux

11.0

fedoraprojectfedora

참조

https://lists.apache.org/thread/rc64lwbdgrkv674koc3zl1sljr9vwg21
Mailing ListVendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CJ67IWD5PRJUOIYIDJRUG3UMS2UF4X4J/
Mailing ListThird Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZCSBQBYPOZSWS5LCOAQ6LJLRLXFIAW5A/
Mailing ListThird Party Advisory
https://www.debian.org/security/2022/dsa-5206
Third Party Advisory
https://lists.apache.org/thread/rc64lwbdgrkv674koc3zl1sljr9vwg21
Mailing ListVendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CJ67IWD5PRJUOIYIDJRUG3UMS2UF4X4J/
Mailing ListThird Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZCSBQBYPOZSWS5LCOAQ6LJLRLXFIAW5A/
Mailing ListThird Party Advisory
https://www.debian.org/security/2022/dsa-5206
Third Party Advisory