CVE-2022-25763
7.5HIGHImproper Input Validation vulnerability in HTTP/2 request validation of Apache Traffic Server allows an attacker to create smuggle or cache poison attacks. This issue affects Apache Traffic Server 8.0
Publicado: 8/10/2022Atualizado: 10/20/2025
Descrição
Improper Input Validation vulnerability in HTTP/2 request validation of Apache Traffic Server allows an attacker to create smuggle or cache poison attacks. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.
Análise IADesenvolvido por IA
Produtos Afetados
apachetraffic_server
apachetraffic_server
debiandebian_linux
11.0
fedoraprojectfedora
35
fedoraprojectfedora
36
Referências
- https://lists.apache.org/thread/rc64lwbdgrkv674koc3zl1sljr9vwg21Mailing ListVendor Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CJ67IWD5PRJUOIYIDJRUG3UMS2UF4X4J/Mailing ListThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZCSBQBYPOZSWS5LCOAQ6LJLRLXFIAW5A/Mailing ListThird Party Advisory
- https://www.debian.org/security/2022/dsa-5206Third Party Advisory
- https://lists.apache.org/thread/rc64lwbdgrkv674koc3zl1sljr9vwg21Mailing ListVendor Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CJ67IWD5PRJUOIYIDJRUG3UMS2UF4X4J/Mailing ListThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZCSBQBYPOZSWS5LCOAQ6LJLRLXFIAW5A/Mailing ListThird Party Advisory
- https://www.debian.org/security/2022/dsa-5206Third Party Advisory