Sign in Get started

← All advisories

High severity7.5NVD Advisory· Published Apr 17, 2017· Updated May 13, 2026

CVE-2016-5396

CVE-2016-5396

Description

Apache Traffic Server 6.0.0 to 6.2.0 are affected by an HPACK Bomb Attack.

Affected products

5

Apache/Traffic Server4 versions
cpe:2.3:a:apache:traffic_server:6.0.0:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:apache:traffic_server:6.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:traffic_server:6.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:traffic_server:6.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:traffic_server:6.2.0:*:*:*:*:*:*:*
Apache Software Foundation/Apache Traffic Serverv5
Range: 6.0.0 to 6.2.0

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

issues.apache.org/jira/browse/TS-5019nvdIssue TrackingPatchThird Party Advisory
www.securityfocus.com/bid/97945nvd
www.securitytracker.com/id/1038275nvd

News mentions

0

No linked articles in our index yet.