Unrated severityNVD Advisory· Published Oct 17, 2023· Updated Jun 12, 2025
Apache Traffic Server: Malformed http/2 frames can cause an abort
CVE-2023-39456
Description
Improper Input Validation vulnerability in Apache Traffic Server with malformed HTTP/2 frames.This issue affects Apache Traffic Server: from 9.0.0 through 9.2.2.
Users are recommended to upgrade to version 9.2.3, which fixes the issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
29.0.0 - 9.2.2+ 1 more
- (no CPE)range: 9.0.0 - 9.2.2
- (no CPE)range: 9.0.0
Patches
Vulnerability mechanics
References
5- lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87qmitrevendor-advisory
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/mitre
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/mitre
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/mitre
- www.debian.org/security/2023/dsa-5549mitre
News mentions
0No linked articles in our index yet.