vulnerability
Ubuntu: (Multiple Advisories) (CVE-2020-9494): trafficserver vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Jun 24, 2020 | Apr 1, 2022 | Mar 27, 2026 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Jun 24, 2020
Added
Apr 1, 2022
Modified
Mar 27, 2026
Description
Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.10, and 8.0.0 to 8.0.7 is vulnerable to certain types of HTTP/2 HEADERS frames that can cause the server to allocate a large amount of memory and spin the thread.
Solution
no-fix-ubuntu-package
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.