VYPR
Unrated severityNVD Advisory· Published Aug 10, 2022· Updated Aug 3, 2024

Transfer-Encoding not treated as hop-by-hop

CVE-2022-31778

Description

Improper Input Validation vulnerability in handling the Transfer-Encoding header of Apache Traffic Server allows an attacker to poison the cache. This issue affects Apache Traffic Server 8.0.0 to 9.0.2.

Affected products

2
  • Apache/Traffic Serverllm-fuzzy2 versions
    >=8.0.0 <=9.0.2+ 1 more
    • (no CPE)range: >=8.0.0 <=9.0.2
    • (no CPE)range: 8.0.0 to 9.0.2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.