vulnerability
FreeBSD: VID-6FD773D3-BC5A-11EA-B38D-F0DEF1D0C3EA (CVE-2020-9494): trafficserver -- resource consumption
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Jun 24, 2020 | Aug 10, 2020 | Aug 10, 2020 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Jun 24, 2020
Added
Aug 10, 2020
Modified
Aug 10, 2020
Description
Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.10, and 8.0.0 to 8.0.7 is vulnerable to certain types of HTTP/2 HEADERS frames that can cause the server to allocate a large amount of memory and spin the thread.
Solution
freebsd-upgrade-package-trafficserver
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.